On Wed, May 03, 2023 at 07:22:28PM -0500, Michael L wrote: > google search yielded: > "By default, fail2ban works with iptables. However, > *this has been deprecated in favor of the firewalld" . *
fail2ban is available in EPEL for EL7:
yum --enablerepo=extras install epel-release
yum --enablerepo=epel install fail2ban-server fail2ban-sendmail fail2ban-systemd
Configure as necessary and then enable and start with:
systemctl enable fail2ban.service
systemctl start fail2ban.service
> I have a 29 character root password and will lengthen the other sudo
> passwords. I hope to be rid of this CentOS 7 system soon, but until then
> it's best to install an additional roadblock to the brute force login
> attempts.
Move sshd to another port; it does nothing to heighten security but it
will reduce log / alert volume by more than a bit.
John
--
In view of the fact that God limited the intelligence of man, it seems
unfair that he did not also limit his stupidity.
-- Konrad Hermann Josef Adenauer (1876-1967), West German Chancellor from
1949-1963, as quoted in Through Russian Eyes: President Kennedy's 1036
Days (1973) by Anatoli-Andreevich Gromyko
--
--
You received this message because you are subscribed to the Google Groups
"NLUG" group.
To post to this group, send email to nlug-talk@googlegroups.com
To unsubscribe from this group, send email to
nlug-talk+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/nlug-talk?hl=en
---
You received this message because you are subscribed to the Google Groups
"NLUG" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to nlug-talk+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/nlug-talk/20230504003823.GC24663%40elros.gerdesas.com.
signature.asc
Description: PGP signature
