:PROPERTIES:
:ID:       00b1b480-0f0c-42a3-8952-4275bc10bc00
:mtime:    20220831211359
:ctime:    20220830224237
:END:
#+title: fail2ban

* Introduction
Outil permettant de bloquer pendant une certaine durée toute IP depuis laquelle plusieurs tentatives de connexions ont
échoué.

* Installation
#+BEGIN_SRC shell
apt install fail2ban 
#+END_SRC

* Configuration
#+BEGIN_SRC shell
cat >/etc/fail2ban/jail.d/sshd.local EOF<<
[sshd]
enabled = true
port = ssh
action = iptables-multiport
logpath = /var/log/secure
maxretry = 3
bantime = 600
EOF
#+END_SRC

* Références
 * [[https://www.redhat.com/sysadmin/protect-systems-fail2ban][Linux security: Protect your systems with fail2ban - Redhat]]