Man of Honour
- Joined
- 13 Nov 2009
- Posts
- 11,662
- Location
- Northampton
Fail2Ban is a godsend.
I have SSH on a non standard port on my Dedicated server and only open to shortlisted IPs, but Fail2Ban blocks at least 3-5 different IP addresses a day targeting Dovecote on my server. 3 failed login attempts results in a 2 hour IP blacklist with email alerts going that are then sent straight to a Fail2Ban folder in my email via procmail I then check that folder once or twice a day and permanently add anything into Fail2Ban that appears more than a couple of times in a short period of time
I have SSH on a non standard port on my Dedicated server and only open to shortlisted IPs, but Fail2Ban blocks at least 3-5 different IP addresses a day targeting Dovecote on my server. 3 failed login attempts results in a 2 hour IP blacklist with email alerts going that are then sent straight to a Fail2Ban folder in my email via procmail I then check that folder once or twice a day and permanently add anything into Fail2Ban that appears more than a couple of times in a short period of time
