I use a combination of Fail2Ban and Denyhosts on my servers(Please look at the Denyhosts post if you want to know why).
It's pretty straight forward with:
apt-get install fail2ban
Edit the jail.conf with:
nano /etc/fail2ban/jail.conf
I like to receive emails and snippets of the logfile. So I use:
action = %(action_mwl)s
and in the /etc/fail2ban/action.d/sendmail.conf just alter the dest = root line to whatever mail you want. Just make sure that the sender = address actually exists or they might get dumped to the spam folder.
No comments:
Post a Comment