CentOS Linux fail2ban

On exposed systems to the internet fail2ban is used to avoid attacks e.g. on ssh deamon. This shows the install and config on the CentOS 7.2 release with using firewalld (preinstalled). First install fail2ban from repo:

yum -y install fail2ban

For own settings the main config ‘jail.conf’ could be copied.

cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

Now you can edit ‘jail.local’ with your own fonfigurations.

[sshd] #--> uncommend to activate fail2ban for sshd
enabled = true #--> use firewalld not iptables
ignoreip = 192.168.2.0 #--> fail2ban ignores these ip's
destemail =  e-mail@address.ch #--> fail2ban sends ban informations to this address
sendername = Fail2Ban - hostname #--> hostinfos in e-mail
usedns = no #--> don't resolve dns names

Now you can enable and start the fail2ban deamon:

On exposed systems to the internet fail2ban is used to avoid attacks e.g. on ssh deamon. This shows the install and config on the CentOS 7.2 release with using firewalld (preinstalled). First install fail2ban from repo:

yum -y install fail2ban

For own settings the main config ‘jail.conf’ could be copied.

cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

Now you can edit ‘jail.local’ with your own fonfigurations.

[sshd] #--> uncommend to activate fail2ban for sshd
enabled = true #--> use firewalld not iptables
ignoreip = 192.168.2.0 #--> fail2ban ignores these ip's
destemail =  e-mail@address.ch #--> fail2ban sends ban informations to this address
sendername = Fail2Ban - hostname #--> hostinfos in e-mail
usedns = no #--> don't resolve dns names

Now you can enable and start the fail2ban deamon: