extending fail2ban
Don Russell
fedora at drussell.dnsalias.com
Thu May 22 16:42:11 UTC 2008
I installed fail2 ban and it seems to do a nice job of reporting
people knocking at my door and shutting them down temporarily.
Is there any doc on how I could add other "intruder detection".... :-)
man fail2ban and info fail2ban come up dry. :-(
The fedora project page doesn't have anything on it either:
https://admin.fedoraproject.org/pkgdb/packages/name/fail2ban
i.e. I have an application I run via xinetd.
If the client tries to connect with the incorrect protocol, I just
respond with a terse "wrong protocol" message and exit.
My xinet logs show the same IP address connecting with the wrong
protocol over and over... They're obviously "up to no good" :-).
How can I "teach" fail2ban to block those people too?
It's not a password violation.. there's no password on it... it's
meant for public consumption, but only if you are using the correct
protocol.
I could do my own "blocking", but I'd like to use the tools that are
already there.
Thanks,
More information about the fedora-list
mailing list