
Fail2Ban

Linux tool that protects services against brute-force attacks

SSHD

Configuration of the filter

/etc/fail2ban/filter.d/sshd.conf
[INCLUDES]
before = common.conf

[Definition]
_daemon = sshd
failregex = ^%(__prefix_line)s(?:error: PAM: )?[Aa]uthentication failure for .* from <HOST>\s*$
ignoreregex =

Configuration of the jail

/etc/fail2ban/jail.conf
[sshd]
enabled = true
port = 22
filter = sshd
logpath = /var/log/auth.log
maxretry = 8
findtime = 1d
bantime = 30d
# Will lock for 30 days after 8 attempts in 24h
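
The jail thresholds can be checked against sample data before deploying. The following is an added example (not part of the original cheatsheet, and not Fail2Ban's own code) that replays constructed auth.log lines through a simplified model of the filter and of maxretry / findtime / bantime. The HOST and PREFIX patterns, the fixed year and the sample lines are assumptions made for the illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumptions: simplified stand-ins for fail2ban's <HOST> (IPv4 only here) and
# for the syslog "host sshd[pid]: " prefix that precedes the message.
HOST = r"(?P<host>\d{1,3}(?:\.\d{1,3}){3})"
PREFIX = r"\S+ sshd(?:\[\d+\])?: "
FAILREGEX = (r"^" + PREFIX + r"(?:error: PAM: )?[Aa]uthentication failure"
             r" for .* from <HOST>\s*$")
TS = re.compile(r"^(\w{3} +\d+ \d\d:\d\d:\d\d) ")

MAXRETRY = 8                    # values from the [sshd] jail above
FINDTIME = timedelta(days=1)
BANTIME = timedelta(days=30)

def sample_log():
    """Constructed auth.log lines (documentation IP ranges, not real data)."""
    fail = ("Jan {d:2d} {h:02d}:00:00 srv sshd[4242]: error: PAM: "
            "Authentication failure for root from {ip}")
    lines = [fail.format(d=1, h=h, ip="203.0.113.7") for h in range(8)]
    lines += [fail.format(d=d, h=3, ip="198.51.100.9") for d in range(2, 11)]
    lines.append("Jan  1 09:00:00 srv sshd[4243]: Accepted publickey for "
                 "alice from 192.0.2.5 port 50022 ssh2")
    return lines

def replay(lines, year=2024):
    """Return {ip: (ban_start, ban_end)} after applying the jail thresholds."""
    rx = re.compile(FAILREGEX.replace("<HOST>", HOST))
    recent = defaultdict(deque)  # ip -> failure times still inside findtime
    bans = {}
    for line in lines:
        ts = TS.match(line)
        if not ts:
            continue
        when = datetime.strptime(f"{year} {ts.group(1)}", "%Y %b %d %H:%M:%S")
        hit = rx.match(line[ts.end():])  # match the text after the timestamp
        if not hit:
            continue
        ip = hit.group("host")
        if ip in bans and when < bans[ip][1]:
            continue                     # still banned, nothing to count
        seen = recent[ip]
        seen.append(when)
        while when - seen[0] > FINDTIME:
            seen.popleft()               # forget failures older than findtime
        if len(seen) >= MAXRETRY:
            bans[ip] = (when, when + BANTIME)
    return bans
```

On a live system, fail2ban-regex /var/log/auth.log /etc/fail2ban/filter.d/sshd.conf tests the real filter against the real log.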