[SOLVED] fail2ban ... setup

Support for security such as Firewalls and securing linux
Post Reply
lightman47
Posts: 1026
Joined: 2014/05/21 20:16:00
Location: Central New York, USA

[SOLVED] fail2ban ... setup

Post by lightman47 » 2015/01/14 17:49:36

I have two CentOS servers running one is 6.6 and the other 7. I got fail2ban installed & running on both. According to documentation it appears it watches /var/log/auth.log ... which exists on neither machine.

http://www.fail2ban.org/wiki/index.php/ ... bruteforce

Am I misunderstanding something? I am trying to make sure the SSH portion is working before I expand it to vsftp. I have created a mail setcion and supplied an address, but it may take a few days before I get "hammered" with attempts again. (Oh - reminds me, gotta set the attempt level in denyhosts on the 6.6 server up to 4 so fail2ban gets a chance at it.)

Thank you.

edit:

Whatta doap! Wrong log setting - was for Debian, Mandrake, etc. OK - just need to read how to change it and I'll be good to go!
Multple login IDs are not your friend when asking for help!

lightman47
Posts: 1026
Joined: 2014/05/21 20:16:00
Location: Central New York, USA

Re: [SOLVED] fail2ban ... setup

Post by lightman47 » 2015/01/14 19:09:07

addendum: Because I'd installed via YUM the jail.conf(cp to .local) already had the correct filespec.
Multple login IDs are not your friend when asking for help!

Post Reply

Return to “CentOS 7 - Security Support”