Hi all.
I installed and is using fail2ban after Eric wrote about it long time ago.
It works perfectly and is doing a nice job blocking different attemps on
my server. (Iptables drop <ip>)
I am using dovecot and is having fail2ban checking the dovecot log for
bad password attempts (amongst other checks) - works great.
If You download the fail2ban package (and compile it) there is a
qmail.conf script implemented, it may need some tweaking to match Your
needs but it's not that hard - You can try Your 'selfmade' conf files on
Your logfiles to make sure they work as You planned.
It also uses iptables.
I can only recommend using this tool, it keeps an 'eye' on things
constantly - ofcourse there is people out there that makes an effort in
trying to bypass fail2ban so never think You're 100% safe.
Regards,
Finn
On 02-03-2011 06:05, Tony White wrote:
Trouble is Fail2Ban requires the shorewall firewall!
At least if you use the rpm's.
On 02/03/2011 3:58 PM, Maxwell Smart wrote:
I actually use OSSECHIDS for this type of attack. I use fail2ban for
ftp and ssh.
Ole is the chap that knows fail2ban for Qmail. You can install it now
using yum install fail2ban instead of compiling.
On 03/01/2011 06:40 PM, Eric Shubert wrote:
If CJ got it working, then I expect that just about anyone can do
it. ;)
JK CJ. Would you care to create a page on the wiki for this?
---------------------------------------------------------------------------------
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
If you need professional help with your setup, contact them today!
---------------------------------------------------------------------------------
Please visit qmailtoaster.com for the latest news, updates, and packages.
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com