Fail2ban

This howto will help you install and configure Fail2ban on Fedora or Centos. Fail2ban is a daemon that uses python scripts to parse log files for system intrusion attempts and adds custom iptables rules defined by you in the configuration file to ban access to certain ip addresses.

Applicable to Centos Versions:

  • Centos 5.x
  • Centos 6.x

Requirements

Explanation of requirements.

  1. Root access to the system
  2. Working Internet connection

Doing the Work

Basic description of what will be done and what is expected.

  1. Install and configure EPEL and Fail2ban:
  2. Secure SSH:
  3. Edit the jail.conf to configure it for your needs:
  4. Set Fail2ban to start on boot and start the service right now:

Troubleshooting / How To Test

Explanation troubleshooting basics and expectations.

  1. Restart IPtables, Fail2ban and check the status of the Fail2ban install:
  2. Remove a ban from the Fail2ban SSH chain (change IP address):

Common Problems & Fixes

Describe common problems here, include links to known common problems if on another site

More Information

Any additional information or notes.

Disclaimer

We test this stuff on our own machines, really we do. But you may run into problems, if you do, come to #centoshelp on irc.freenode.net

Added Reading