[SOLVED] Re: Unable to get fail2ban working with owncloud on Debian Wheezy
On 3 March 2015, at 14:54, Ramses wrote:
> On 03/03/2015, at 13:29, Maykel Franco wrote:
>
>> Hi, I wanted to add one more layer of security to owncloud at
>> home. I did the following to get it working with owncloud.
>>
>> I copied the jail.conf file to jail.local, since apparently
>> when fail2ban is updated it overwrites the jail.conf file.
>>
>> Once that was done, I added the following to the jail.local file:
>>
>> [owncloud-login]
>> enabled = true
>> port = 8000
>> filter= owncloud-login
>> logpath = /var/lib/owncloud/data/owncloud.log
>> maxretry = 3
>
> Why are you missing the Action?
>
>
> Regards,
>
> Ramses
>
>> What I had left was to put the filter in filter.d, named
>> owncloud-login.conf (the .conf is important; otherwise fail2ban does
>> not pick it up and gives an error, naturally).
>>
>>
>> [Definition]
>> failregex={"reqId":".*","remoteAddr":".*","app":"core","message":"Login failed: '.*' \(Remote IP: '<HOST>', X-Forwarded-For: '.*'\)","level":2,"time":".*"}
>>
>> If I test this with the fail2ban-regex command it works correctly:
>>
>> Running tests
>> =
>>
>> Use regex file : /etc/fail2ban/filter.d/owncloud-login.conf
>> Use log file : /var/lib/owncloud/data/owncloud.log
>>
>>
>> Results
>> ===
>>
>> Failregex
>> |- Regular expressions:
>> | [1] {"reqId":".*","remoteAddr":".*","app":"core","message":"Login failed: '.*' \(Remote IP: '<HOST>', X-Forwarded-For: '.*'\)","level":2,"time":".*"}
>> |
>> `- Number of matches:
>> [1] 95 match(es)
>>
>> Ignoreregex
>> |- Regular expressions:
>> |
>> `- Number of matches:
>>
>> Summary
>> ===
>>
>> Addresses found:
>> [1]
[SOLVED] Re: Unable to get fail2ban working with owncloud on Debian Wheezy
2015-03-03 13:29 GMT+01:00 Maykel Franco:
> Hi, I wanted to add one more layer of security to owncloud at
> home. I did the following to get it working with owncloud.
>
> I copied the jail.conf file to jail.local, since apparently
> when fail2ban is updated it overwrites the jail.conf file.
>
> Once that was done, I added the following to the jail.local file:
>
> [owncloud-login]
> enabled = true
> port = 8000
> filter= owncloud-login
> logpath = /var/lib/owncloud/data/owncloud.log
> maxretry = 3
>
>
> What I had left was to put the filter in filter.d, named
> owncloud-login.conf (the .conf is important; otherwise fail2ban does
> not pick it up and gives an error, naturally).
>
>
> [Definition]
> failregex={"reqId":".*","remoteAddr":".*","app":"core","message":"Login failed: '.*' \(Remote IP: '<HOST>', X-Forwarded-For: '.*'\)","level":2,"time":".*"}
>
> If I test this with the fail2ban-regex command it works correctly:
>
> Running tests
> =
>
> Use regex file : /etc/fail2ban/filter.d/owncloud-login.conf
> Use log file : /var/lib/owncloud/data/owncloud.log
>
>
> Results
> ===
>
> Failregex
> |- Regular expressions:
> | [1] {"reqId":".*","remoteAddr":".*","app":"core","message":"Login failed: '.*' \(Remote IP: '<HOST>', X-Forwarded-For: '.*'\)","level":2,"time":".*"}
> |
> `- Number of matches:
> [1] 95 match(es)
>
> Ignoreregex
> |- Regular expressions:
> |
> `- Number of matches:
>
> Summary
> ===
>
> Addresses found:
> [1]
Unable to get fail2ban working with owncloud on Debian Wheezy
Hi, I wanted to add one more layer of security to owncloud at home. I did the following to get it working with owncloud.

I copied the jail.conf file to jail.local, since apparently when fail2ban is updated it overwrites the jail.conf file.

Once that was done, I added the following to the jail.local file:

[owncloud-login]
enabled = true
port = 8000
filter= owncloud-login
logpath = /var/lib/owncloud/data/owncloud.log
maxretry = 3

What I had left was to put the filter in filter.d, named owncloud-login.conf (the .conf is important; otherwise fail2ban does not pick it up and gives an error, naturally).

[Definition]
failregex={"reqId":".*","remoteAddr":".*","app":"core","message":"Login failed: '.*' \(Remote IP: '<HOST>', X-Forwarded-For: '.*'\)","level":2,"time":".*"}

If I test this with the fail2ban-regex command it works correctly:

Running tests
=

Use regex file : /etc/fail2ban/filter.d/owncloud-login.conf
Use log file : /var/lib/owncloud/data/owncloud.log

Results
===

Failregex
|- Regular expressions:
| [1] {"reqId":".*","remoteAddr":".*","app":"core","message":"Login failed: '.*' \(Remote IP: '<HOST>', X-Forwarded-For: '.*'\)","level":2,"time":".*"}
|
`- Number of matches:
[1] 95 match(es)

Ignoreregex
|- Regular expressions:
|
`- Number of matches:

Summary
===

Addresses found:
[1]
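
Added example, not part of the original thread and not fail2ban's own code: a small Python emulation of what the filter and jail above do together. It expands `<HOST>` in the thread's failregex with a simplified IPv4 group, matches constructed log lines, and applies `maxretry = 3` inside a `findtime` window, showing that a line counted as a match is not necessarily counted toward a ban. The 600-second `findtime`, the ISO 8601 `time` field format, the helper names and the sample lines are assumptions.

```python
import json
import re
from collections import defaultdict
from datetime import datetime, timedelta

# failregex from the thread; fail2ban expands <HOST> into a capturing group.
FAILREGEX = (r'''{"reqId":".*","remoteAddr":".*","app":"core","message":"Login '''
             r'''failed: '.*' \(Remote IP: '<HOST>', X-Forwarded-For: '.*'\)",'''
             r'''"level":2,"time":".*"}''')
HOST_GROUP = r"(?P<host>\d{1,3}(?:\.\d{1,3}){3})"  # simplified stand-in, IPv4 only
MAXRETRY = 3                       # maxretry from the [owncloud-login] jail
FINDTIME = timedelta(seconds=600)  # assumption: findtime of 600 seconds

def make_line(ip, when, message=None):
    """Build a constructed owncloud.log entry (one JSON object per line)."""
    if message is None:
        message = f"Login failed: 'admin' (Remote IP: '{ip}', X-Forwarded-For: '')"
    entry = {"reqId": "r1", "remoteAddr": ip, "app": "core",
             "message": message, "level": 2, "time": when}
    return json.dumps(entry, separators=(",", ":"))

def matches(lines):
    """Return (host, timestamp) for every line the failregex matches."""
    rx = re.compile(FAILREGEX.replace("<HOST>", HOST_GROUP))
    found = []
    for line in lines:
        m = rx.search(line)
        if m:
            found.append((m.group("host"),
                          datetime.fromisoformat(json.loads(line)["time"])))
    return found

def hosts_to_ban(lines, now):
    """Hosts with at least MAXRETRY matches inside [now - FINDTIME, now]."""
    recent = defaultdict(int)
    for host, ts in matches(lines):
        if timedelta(0) <= now - ts <= FINDTIME:
            recent[host] += 1
    return sorted(h for h, n in recent.items() if n >= MAXRETRY)

# Constructed sample: three fresh failures, three stale ones, one unrelated entry.
NOW = datetime.fromisoformat("2015-03-03T12:15:00+00:00")
SAMPLE = (
    [make_line("192.168.0.33", f"2015-03-03T12:14:1{s}+00:00") for s in (4, 7, 9)]
    + [make_line("192.168.0.34", f"2015-03-03T09:01:1{s}+00:00") for s in (5, 7, 9)]
    + [make_line("192.168.0.35", "2015-03-03T12:14:30+00:00", "Some other warning")]
)
print(len(matches(SAMPLE)), "matches; ban:", hosts_to_ban(SAMPLE, NOW))
```

The three failures logged at 09:01 match the regex, as they would in a fail2ban-regex run over the whole file, but fall outside the window and do not trigger a ban.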