From 378ff964843cadbc8afaabdc03edc4f60c7ae67b Mon Sep 17 00:00:00 2001 From: Asif Bacchus Date: Tue, 21 May 2019 05:15:37 -0600 Subject: [PATCH] This is the home page --- ...igure-Fail2Ban-with-UFW-to-block-port-probing.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 Configure-Fail2Ban-with-UFW-to-block-port-probing.md diff --git a/Configure-Fail2Ban-with-UFW-to-block-port-probing.md b/Configure-Fail2Ban-with-UFW-to-block-port-probing.md new file mode 100644 index 0000000..4c284a0 --- /dev/null +++ b/Configure-Fail2Ban-with-UFW-to-block-port-probing.md 
@@ -0,0 +1,13 @@ +This is a basic set up for Fail2Ban on an system that is directly exposed to the internet (i.e. not behind a separate firewall). + +**This set-up assumes you are using UFW as your firewall front-end and it is working correctly.** + +In addition to the standard SSHd jail, a separate jail that monitors UFW BLOCK reports (i.e. connection attempts to closed ports, etc.) is activated. This should aid in blocking ‘scriptkiddies’ and port-scanning attacks, reducing the resources your server has to allocate to processing bogus requests. F2B will automatically create UFW rules to *drop* connections from systems that try to make repeated invalid connection attempts and then remove the block automatically after the 'bantime' has expired. + +This configuration goes one step further and also enacts a *recidivist* jail whereby repeat offenders are blocked for a much longer period of time. Again, the block is automatically removed upon expiration of this increased 'bantime'. + +While the readme contains the basic steps for getting setup, this wiki will go into detail about each setting, reasoning behind them and how you can customize things to work for your environment. The wiki is presented in the order of installation, configuration and customization. + +The repo on [my private git](https://git.asifbacchus.app/asif/fail2banUFW) will always contain the most up-to-date version of this script, issue tracking and [this wiki](https://git.asifbacchus.app/asif/fail2banUFW/wiki) while the mirror on [GitHub](https://github.com/asifbacchus/fail2banUFW) will be updated usually within 48 hours. + +As always, I encourage feedback and suggestions as well as any help in correcting errors or making this script more useful. File an issue if you find something or have requests. I'm by no means a scripting or a F2B expert, but I hope you find this useful :-) \ No newline at end of file
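Review bot: The paragraphs on the UFW BLOCK jail and the recidivist jail say bans are created and lifted automatically, but nothing in the added text says how a legitimate address (for example the administrator's own) is kept out of them. Because the jail triggers on repeated connection attempts to closed ports, the overview should either name the exemption setting (Fail2Ban's ignoreip) or state that the configuration page covers it. Smaller points: the first added line reads "an system" where "a system" is meant; the last two paragraphs call the project "this script" although everything above describes a configuration; the quotes around ‘scriptkiddies’ are typographic while 'bantime' uses straight ones; the file ends without a trailing newline; and the subject "This is the home page" does not match the file name Configure-Fail2Ban-with-UFW-to-block-port-probing.md, so one of the two should be changed to say what the page is.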