CentOS 7.x fail2ban
From Notes_Wiki
<yambe:breadcrumb>CentOS_7.x_Security_Tools|CentOS 7.x Security Tools</yambe:breadcrumb>
CentOS 7.x fail2ban
To configure fail2ban on CentOS 7.x use:
- yum -y install epel-release
- yum -y install fail2ban
- cp /etc/fail2ban/fail2ban.conf /etc/fail2ban/fail2ban.local
- cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
- vim /etc/fail2ban/jail.local
- ...
- backend=systemd
- ...
- [sshd]
- enabled = true
- ...
- systemctl start fail2ban
- systemctl enable fail2ban
- fail2ban-client status
- fail2ban-client status sshd
There is also older article on fail2ban at Fail2ban
In case of email server using postfix and dovecot add
enabled=true
under dovecot and posfix-sasl also. This would then create three jails including sshd.
Refer: