fail2ban

Posted by on January 30, 2013 in system administration | 1 comment

First sysadmin post… 🙂 Not the most important thing but I can’t think of anything else to write right now. One of the things I’d like to install on machines with ssh access is fail2ban (from Ubuntu repositories). It’s a script that monitors log files for failed login attempts and bans the corresponding IP-address for a certain amount of time. Any objections? It’s not the answer to everything of course but it keeps the typical ssh-scanners away. It can be used to monitor other log files (e.g. apache) too.

1 Comment

  1. I think it is a good idea! In fact, I have been running denyhosts on several machines including my desktop and grizzly, but that only monitors failed system authentications. I’ve read about fail2ban, but never used it myself, but if you have good experience with it, I’m in favor of installing it right away if nothing else at least on critical machines. When it comes to compute machines, I would rather prefer to not have anything running in the background that can interfere with sensitive processes like mdrun.

Leave a Comment