Update page '7. Jails'
parent
83842f8edb
commit
f71bdbf593
@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
F2B uses '*jail configurations*' specified either in *jail.conf*, *jail.local* or in */jail.d/\*.conf*. The latter is my preference since it allows for each jail to be contained in it's own configuration file which makes debugging and maintaining them much easier. These are two that are configured in this repo. The recidivist jail has it's [own page](insert link here).
|
F2B uses '*jail configurations*' specified either in *jail.conf*, *jail.local* or in */jail.d/\*.conf*. The latter is my preference since it allows for each jail to be contained in it's own configuration file which makes debugging and maintaining them much easier. These are two that are configured in this repo. The recidivist jail has it's [own page](insert link here).
|
||||||
|
|
||||||
## sshd (jail.d/ssh.conf)
|
## sshd (*jail.d/ssh.conf*)
|
||||||
|
|
||||||
I usually just define a basic jail for *sshd* which is the default SSH server on Debian/Ubuntu. You can add additional SSH jails as you wish to this file, but I keep it pretty simple. One note, I run my SSH server on a non-standard port (default is port 22), so be sure you fill in the correct port for your environment such as my example below of port 222:
|
I usually just define a basic jail for *sshd* which is the default SSH server on Debian/Ubuntu. You can add additional SSH jails as you wish to this file, but I keep it pretty simple. One note, I run my SSH server on a non-standard port (default is port 22), so be sure you fill in the correct port for your environment such as my example below of port 222:
|
||||||
|
|
||||||
@ -21,7 +21,7 @@ logpath = /path/to/your/log.file
|
|||||||
...
|
...
|
||||||
```
|
```
|
||||||
|
|
||||||
## UFW port probing
|
## UFW port probing (*jail.d/ufw-probe.conf*)
|
||||||
|
|
||||||
This is probably the part you are really looking for in this entire set-up. We will create a custom jail that monitors UFW's logs for any mention of *[UFW BLOCK]* and then proceeds to ban those systems attempting to connect to blocked ports as per your timeframe settings. I've commented the ufw-probe file but I'll run though it here also for convenience.
|
This is probably the part you are really looking for in this entire set-up. We will create a custom jail that monitors UFW's logs for any mention of *[UFW BLOCK]* and then proceeds to ban those systems attempting to connect to blocked ports as per your timeframe settings. I've commented the ufw-probe file but I'll run though it here also for convenience.
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user