m.roth@xxxxxxxxx wrote:
>> Every few days I see in the logwatch on my Centos-5.5 web-server
>> what seems like a rather feeble break-in attempt.
>> In fact, I'm not clear how one should deal with logwatch entries
>> in general.
>> Is there any document giving advice on this?
>
> We run fail2ban. It blocks a given IP for so long after so many (3? 5?)
> failed attempts to break in. It also does a whois on the IP, which is a
> little more info.
Thanks, I'll try that.
I had heard of fail2ban , but was slightly put off by the strange name;
what exactly is the name meant to convey?
--
Timothy Murphy
e-mail: gayleard /at/ eircom.net
tel: +353-86-2336090, +353-1-2842366
s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
