Fail2Ban

info

This part of the documentation is currently lacking, but might be updated in the near, near future.

Fail2Ban scans log files like /var/log/auth.log and bans IP addresses conducting too many failed login attempts. It does this by updating system firewall rules to reject new connections from those IP addresses, for a configurable amount of time. Fail2Ban comes out-of-the-box ready to read many standard log files, such as those for sshd and Apache, and is easily configured to read any log file of your choosing, for any error you wish.

Install

To install, run:

git clone https://github.com/fail2ban/fail2ban.git
cd fail2ban
sudo python setup.py install 

To set up, run:

cp files/debian-initd /etc/init.d/fail2ban
update-rc.d fail2ban defaults
service fail2ban start

Check the fail2ban GitHub repo for more information.