On Wed, May 03, 2023 at 07:22:28PM -0500, Michael L wrote: > google search yielded: > "By default, fail2ban works with iptables. However, > *this has been deprecated in favor of the firewalld" . *
fail2ban is available in EPEL for EL7: yum --enablerepo=extras install epel-release yum --enablerepo=epel install fail2ban-server fail2ban-sendmail fail2ban-systemd Configure as necessary and then enable and start with: systemctl enable fail2ban.service systemctl start fail2ban.service > I have a 29 character root password and will lengthen the other sudo > passwords. I hope to be rid of this CentOS 7 system soon, but until then > it's best to install an additional roadblock to the brute force login > attempts. Move sshd to another port; it does nothing to heighten security but it will reduce log / alert volume by more than a bit. John -- In view of the fact that God limited the intelligence of man, it seems unfair that he did not also limit his stupidity. -- Konrad Hermann Josef Adenauer (1876-1967), West German Chancellor from 1949-1963, as quoted in Through Russian Eyes: President Kennedy's 1036 Days (1973) by Anatoli-Andreevich Gromyko -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to nlug-talk+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/nlug-talk/20230504003823.GC24663%40elros.gerdesas.com.
signature.asc
Description: PGP signature