Ubuntu Servers :: Creating A List Of Banned IP's With Fail2ban
Oct 16, 2010
I'm trying to use a technique suggested by a fella at this website....
[URL]
He suggests adding an echo line to the actionban line in order to create or add to a file that will contain a list of all the IP's that fail2ban has banned.....but it doesn't seem to generate any output. .....here is the command.....
actionban = iptables -I fail2ban- 1 -s -j DROP
echo >> /etc/shitlist
I never get any IP's in the file so the echo part does not seem to work.
View 5 Replies
ADVERTISEMENT
Sep 14, 2010
i have fail2ban on server but everytime fail2ban conducts a log rotation it unbans all the banned IP's. I have ip's to be banned for a week whenever a log rotation happens or i restart fail2ban i dont want all the ip's released! I was thinking there was a script or patch that would fix this but i have come up short.
View 2 Replies
View Related
Sep 28, 2010
My fail2ban won't block relay attempts (it does block ssh)
mail.log contains lots of
Code:
NOQUEUE: reject: RCPT from 118-167-6-196.dynamic.hinet.net[118.167.6.196]: 554 5.7.1 <333@fgytry.myip.org>: Relay access denied
jail.conf
[Code]....
View 4 Replies
View Related
Jan 3, 2010
I have spent hours installing different packages and have everything pretty much how I want them. Is there a way to get a list of all the packages and/or save it in a way that should I need to reinstall, I do not miss anything
View 1 Replies
View Related
Oct 15, 2010
I need to create a program where the user creates an account and he/she is entitled to add interests and creating friendships with other users.The main algorithm depends on an object which is the user and its attributes are adding interests, friends, so on.Users are stored in a linked list while their interests are stored in another list.What I want to do is every time a new user is created dynamically create a new list during execution for personal info. storage. Is that possible?
View 12 Replies
View Related
Jul 11, 2010
I have a file having name test.txt content of which is following My Self is Arvind Kumar.My Date of Birth is 21/07/1984.I am 26 year year old.I did M.Sc Informatics from Delhi University in 2008.I did B.Sc Electronics from Acharya narendra Dev college Delhi University.I did my schooling from DAV Yusuf sarai.Curren tly I am working with InterGolbe Technologies as a Associate software Engineer.I want to be Linux Expert. What I am doing I am creating a list of words,But i want to take B.Sc and M.Sc as a single word
[Code]....
View 5 Replies
View Related
May 3, 2010
I have Webmin installed on an Ubuntu server. I currently have a successful apache server running on port 80, however I want to create a virtual host on port 81. When I try I go to servers->Apache Webserver-> Create Virtual Host I change the port to 81 and the document root to /var/port81www then I click create. How ever when I goto 192.168.1.5:81 (local ip, I know I have to port forward but its not even working local) it does not work.
View 5 Replies
View Related
May 10, 2010
Currently suffering from this bug:If you don't want to read the whole thing, it appears fail2ban overloads IPTables when you have too many jails, and sends a wholeload of commands at once.I attempted to use the workaround making it sleep for a random period of time, but this does not help at all, it still fails like it used to.Any ideas? Fail2ban is a pretty popular app...Ubuntu 9.10.
Code:
$ aptitude show fail2ban
Package: fail2ban
[code]...
View 1 Replies
View Related
Feb 5, 2011
I installed fail2ban from the Ubuntu Software Center (Ubuntu 10.10) and everything seemed to go fine. But when I try to access the client I get this output:
Code:
wolfgang@Culture:/var/log$ fail2ban-client status
ERROR Unable to contact server. Is it running?
[code]....
View 2 Replies
View Related
Apr 12, 2010
I'm trying to implement this method to block php injection attack using fail2ban: here it is, however I'm not sure it applies to Ubuntu. You see, there's this filter that must be added to the fail2ban jail file:
HTML Code:
[php-url-fopen]
enabled = true
port = http,https
filter = php-url-fopen
[Code]....
View 7 Replies
View Related
May 10, 2010
Currently suffering from this bug:If you don't want to read the whole thing, it appears fail2ban overloads IPTables when you have too many jails, and sends a whole load of commands at once.I attempted to use the workaround making it sleep for a random period of time, but this does not help at all, it still fails like it used to.Any ideas? Fail2ban is a pretty popular app...Ubuntu 9.10.
Code:
$ aptitude show fail2ban
Package: fail2ban
[code]...
View 6 Replies
View Related
Dec 2, 2015
I'm getting loads of hacking attempts on my pop3 daemon. Looks like fail2ban is not stopping it. How to ban these type of attacks?
Dec 2 12:14:49 sosaria pop3d: Disconnected, ip=[::ffff:109.81.181.238]
Dec 2 12:14:49 sosaria pop3d: Connection, ip=[::ffff:109.81.181.238]
Dec 2 12:14:49 sosaria pop3d: LOGIN FAILED, user=duky, ip=[::ffff:109.81.181.238]
Dec 2 12:14:54 sosaria pop3d: Disconnected, ip=[::ffff:109.81.181.238]
Dec 2 12:14:54 sosaria pop3d: Connection, ip=[::ffff:109.81.181.238]
[Code] ....
I've got in my /etc/fail2ban/jail.local:
[dovecot]
enabled = true
port = pop3,pop3s,imap,imaps
filter = dovecot
logpath = /var/log/mail.log
maxretry = 3
[Code] .....
View 10 Replies
View Related
Feb 11, 2011
I yesterday installed fail2ban on my server and I see I am not getting logs for the genuine people also who log in to my machine.In
Quote:
/var/log/auth.log
It is a Ubuntu server and I had installed fail2ban via
Quote:
apt-get install
I thought some thing might be in
Quote:
/var/log/fail2ban.log
but there I do not see any thing
Quote:
2011-02-10 20:26:35,002 fail2ban.server : INFO Changed logging target to /var/log/fail2ban.log for Fail2ban v0.8.4
2011-02-10 20:26:35,003 fail2ban.jail : INFO Creating new jail 'ssh'
2011-02-10 20:26:35,003 fail2ban.jail : INFO Jail 'ssh' uses poller
2011-02-10 20:26:35,031 fail2ban.filter : INFO Added logfile = /var/log/auth.log
[Code].....
View 1 Replies
View Related
Aug 26, 2010
I've had fail2ban setup for awhile for my SSH server, and that works beautifully (I had someone I knew attempt to access it and get banned) however I then tried to set it up to ban people scanning my webserver for lots of other pages which dont exist (and have never been linked to) such as phpMyAdmin.
In my jail.conf I have:
Code:
However Looking at this I realise I need to edit the filter.d/apache-error.conf
I'm not sure exactly how to setup the regex to ban the correct hosts
The errors from the scanners are like this:
Code:
View 1 Replies
View Related
Sep 9, 2010
I am having issues getting yum to work with the repos for fail2ban and denyhosts. I followed the centos link on installing/cfg repos. However every time i run yum install fail2ban or denyhosts it does not find the software. I read in several google searches that I should be able to install it using yum. Is that info wrong? These are the link I was s reading too from centos. [URL]. I know I can download the rpm or a tar file but I would like to keep it in sync with yum if possible. May be I have the wrong repo? CentOSPlus is enabled also.
View 3 Replies
View Related
Sep 2, 2010
Installed 10.04 as a LAMP. I want to be able to create a new intranet site for testing purposes.
When creating a new site with in apache, what is the recommendation for the folder? With in the var/www? Everything appears to want a domain address and since its local only, what do I use as a domain?
I have webmin installed and I would think creating a virutual server would be my first step, but I am getting hung up on the domain address.
View 2 Replies
View Related
Nov 18, 2009
I have been trying for days now to get this to work. didn't want to bother people with my questions, i have installed Fail2Ban 0.8.4 on CentOS 5.4.
I get the email notifications from Fail2Ban stating that it just blocked another IP, however, when i look at the iptables through webmin, nothing is actually in there, also the log/secure file dose not show that the ip has been blocked.
Even when I try to log-in with the wrong password, after a few tries i get the email telling me that my ip is blocked, however, I can still SSH using my 'blocked' IP.
View 7 Replies
View Related
Feb 5, 2010
I am interested in creating a photoblog on Wordpress. Before I jump in I thought it would be wise to ask a few questions here first rather than getting into trouble and then firing absurd questions left and right. I am not very experienced regarding servers but not afraid either I was reading How-to's online reagarding installing Wordpress on Linux [url] and few questions came to mind :
1) Like any other server, does the computer that will run Wordpress have to be up and running for 24/7?
2) Since I will install Wordpress on a desktop, should I be concerned about my machine being compromised? I am not an expert on internet security so this is a big concern of mine.
3) Is it a good idea to install Wordpress on a personal desktop at all? Does running Wordpress from a different partition of the hard drive (if it is possible) help at all.
View 4 Replies
View Related
Oct 21, 2010
What is the recommended filesystem to use when creating a home server/nas?
I'd be sharing files using SAMBA, DLNA Server or some sort of streaming. I'll have two win7 laptops, 2 ubuntu desktops and ps3 accessing the files. Most of the time the server will just 75% read from 25% writing.
Would ext4 be an ideal?
View 4 Replies
View Related
Apr 6, 2011
I need to create .conf and .load files for php. PHP is installed and I've verified PHP with
test.php <?php
print_r (phpinfo());
?>
Is there boilerplate available for creating the .load and .conf files? I am having trouble finding it in what's been installed.
View 3 Replies
View Related
Jan 25, 2010
I have been looking at how to create a domain with only linux servers, but with both Windows and Linux PC's as clients.
View 2 Replies
View Related
Apr 27, 2010
I have a little problem: I have a share folder on Ubuntu server: - Dump That folder is share with SAMBA and everyone can put files on it
My problem is the following: When someone create a folder, the folder permissions are automatically set with:
(let's take my username: Yann)
Owner: Yann
Group: Yann
Clearly that's wrong.. I want the Group to be auto set has "users" so everyone can access the folders on that share. Anyone know how to change this ? chmod and chown is getting a bit boring
View 2 Replies
View Related
Sep 8, 2010
I am thinking of starting a business creating web pages and supplying a 'enterprise server' type solutions, whilst still being highly cost effective - eg recomend the client to use an 'old' pc for the majority of their server needs (LDAP, mail, firewall, web server etc). I plan on doing all of this on a linux platform, so as to pass the cost savings of related 'microsoft enterprise systems' to my clients ~ thereby making my proposition more interesting to clients. However I'm not sure if the 'old' pc idea will 'cut the mustard' in terms of serving web pages. So my real question is, at what point does the speed of the internet connection reach a bottle neck with the speed of my CPU? As an 'example' in case I'm not being very clear (which I'm not sure I am).
My old pc has an AMD athlon chip in it, and equally old 30GB and 40GB HDD (SCSI ~ did I mention that they are old!). My intention is to set up a system to the above type specification at home, to see how long it takes me to do, and to give me an idea of what I should charge clients. I understand all the technology, but initially (to save on personal startup costs) I was intending to use my old pc as my personal gateway to the world, $40 for the web registration for 1 year is a considerable saving compared to the $20 per month for a hosted service ~ although as soon as things are going and being 'profitable' I would most likely either upgrade my server or get a hosted service. Any tools I can download onto the server to 'determine' the power consumption over any given period?
View 8 Replies
View Related
Mar 1, 2011
I recently created a webserver to host my website, using a Ubuntu 8.10 based system. (With some help from my experienced brother of course).I now want to create a mailserver to go along with my website. In setting up postfix to work with gmail smtp servers, I ran into a lot of permission errors.
View 2 Replies
View Related
Mar 14, 2011
I have an Ubuntu server running Samba and I would like to share out the cdrom drive to the network. I made a share of the /media directory and it seems to work fine when I insert USB drives and I am able to browse and work with files. However, when I insert a cdrom it automatically mounts to /media/<volume name> and I get a permission denied error when I attempt to access it over the network. I am assuming this is happening because the permissions do not include the execute bit and being a read only file system I can not change this. I made the directory /media/cdrom and manually mounted the cdrom to it and I can successfully access it over the network just like the USB drives. So my question is: Is there a way to make the cdrom automatically mount and unmount to /media/cdrom when I insert and eject disks instead of to /media/<volume name>? Or maybe just have the permissions automatically set so Samba users can open it instead of just see it.
View 1 Replies
View Related
Feb 12, 2009
I am looking into creating a web caching server for myself using fedora 10. I believe I need to use squid for this but it seems to have a lot of features. Basically, all I want for now is to be able to cache web pages that I and my network users use the most, increasing access time and lowering the load on my internet connection. Can squid do this and can someone point in the right direction on an article on how to configure such a thing?
View 5 Replies
View Related
May 25, 2010
I have set up proftpd many times now one Ubuntu 9.10 and never ran into any problems. I decided to go ahead and do a clean install of the new 10.04 and set everything back up (ie ssh ftp apache... ect)I got done with ssh with no problems and started working on getting proftpd up and running just like I've always have. But now every time I try to login it gets to where it should list all the files in my dir and it just times out. If I connect through my network (192.168.1.101) everything works fine so I dont think its my .conf file.ll ports are open that are needed and I even tried opening up the passive ports to see if that would help but it does not.
View 1 Replies
View Related
Sep 16, 2009
I'm putting a server together and have run into a boot up problem. (I thought about putting this in the server forum, but it might be a more generic problem that others have seen and know how to rectify.) The install seems to have gone just fine. I have the /boot partition on an internal IDE drive. The rest of that drive and another are mirrored in a Raid0 configuration (using the Linux software to do that) for data storage. The swap partition is a part of the Raid5 SCSI array that also has the / (root) partition on it.
After installation it would not finish the booting process. I suspected that GRUB didn't like all the Raid arrays and such, but it seems to be fine. I can say that because the machine will boot into rescue mode with the GUI splash screen and I have access to the whole directory tree. I have already searched on-line and following prudent advice, ran the yum update while in the chroot /mnt/sysimage mode. That only took overnight to download and most of this morning to complete. Still no dice. Used vim to delete the rhgb quiet commands in the grub.conf file so I could see where the kernel seems to be hanging.
So right after the "Creating initial device nodes" is a line about my generic PS2 wheel mouse. So I tried a USB mouse. Got more output so tried swapping out to a USB keyboard. Got a little further with more information about input devices, but still stops. Also, I tried a PCI video card just to make sure the onboard video wasn't the problem - no change. So, if someone in the Fedora community knows what loads up or is configured right after the mouse and keyboard, I might be able to figure out what's causing the computer to hang during the boot process.
View 2 Replies
View Related
Feb 28, 2010
I'm working on setting up a new subversion server and getting an error I'm not having much luck resolving.
I'm attempting to create the repository in /home/svn/foo with the command svnadmin create /home/svn/foo while in /home/svn.
I am greeted with the error: svnadmin: SQLite compiled for 3.6.20, but running with 3.6.17
I installed subversion via yum install subversion
I've installed SQLite 3.6.22 from source and removed/installed subversion with no change.
What gives? I wasn't really wanting to install subversion from source. Seems a bit excessive.
Environment stuff:
[root@COS svn]# yum repolist
Loaded plugins: presto, refresh-packagekit
repo id repo name status
fedora Fedora 12 - i386 enabled: 15,366
updates Fedora 12 - i386 - Updates enabled: 4,731
repolist: 20,097
View 1 Replies
View Related
Feb 7, 2011
I need to create a lot of users locally on my server.I have these info:username:GID:UID.How I can make a "for cycle" for make a multiple useradd? (useradd -u UID -g GID -m /home/USERNAME -s /bin/bash USERNAME)I tried to do this:
touch userlist.txt (UID:GID:USERNAME)
100:110:user1
200:210:user2
[code]...
View 6 Replies
View Related
