fail2ban on CentOS 7 for ssh access
Basic installation and configuration of fail2ban on CentOS 7 (RHEL7) for ssh access.
(Changing some of the default values)
(Changing some of the default values)
- Add EPEL repositories
wget http://epel.mirror.nucleus.be/7/x86_64/e/epel-release-7-1.noarch.rpm rpm -i epel-release-7-1.noarch.rpm
- Install packages
yum install fail2ban-firewalld fail2ban-systemd
- create /etc/fail2ban/jail.local
[DEFAULT] findtime = 5000 [sshd] enabled = true
- Create /etc/fail2ban/action.d/firewallcmd-ipset.local
[Init] bantime = 10000
- Enable and start fail2ban:
systemctl enable fail2ban systemctl start fail2ban
- Check if selinux isn't blocking fail2ban from accessing the logs
tail /var/log/audit/audit.log
![[WAF-FLE] Web application firewall: fast log and event console](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNUiNj5SjQeu8VhkRyfVjV4mP1bHFkRLpos0NqOznjOFmrqXmnTaqDd-0btKDqtpn3Ay_K8B6Vy75b8yyJyCeSZrUY7NJPG0GRBfEbdmFs1A7fpWMRKQa5jzzm8JOrTc3zAC7GIumQmTk/s72-c/waf-fle.png "[WAF-FLE] Web application firewall: fast log and event console")
0 comments: