Re: Interpreting logwatch

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Timothy Murphy wrote:
> m.roth@xxxxxxxxx wrote:
>
>>> Every few days I see in the logwatch on my Centos-5.5 web-server
>>> what seems like a rather feeble break-in attempt.
>
>>> In fact, I'm not clear how one should deal with logwatch entries
>>> in general.
>>> Is there any document giving advice on this?
>>
>> We run fail2ban. It blocks a given IP for so long after so many (3? 5?)
>> failed attempts to break in. It also does a whois on the IP, which is a
>> little more info.
>
> Thanks, I'll try that.
> I had heard of fail2ban , but was slightly put off by the strange name;
> what exactly is the name meant to convey?
>
They fail to log in successfully enough times, they're banned by firewall
rules.

*heh* If odd names put you off, you probably shouldn't be playing with any
version of *Nix.... <g> fail2ban is pretty self-explanatory, compared to,
say, bonobo, or anaconda, or gnome....

          mark "I know awk, sed, cp, rm, and dozens of other 2 and 3
letter commands,
                      and I'm not afraid to use them!"

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux