Server Guide and Blog

Rock Your Linux

By

DOS and Brute Force Prevention Using Fail2ban

Dealing with dos and brute force attacks can be a daunting challenge. You can manually adjust your firewall to block particular ip addresses, but why not automate the process? What if a program can monitor your authentication, and other log files for suspicious activity? In these log files is a tremendous amount of info about failed login attempts, and how many times an ip address connects to your web server. Using this information a program can automatically adjust your firewall to block the offending ip addresses. Fail2ban does just this. The program automatically monitors the log files of many programs. Most important is apache, and ssh. http://www.fail2ban.org/wiki/index.php/Main_Page