Notes on technology and intelligence.
Notes on technology and intelligence.
Fail2Ban bans hosts that cause multiple authentication errors.
Fail2Ban scans log files like /var/log/auth.log and bans IP that makes too many password failures. It updates firewall rules to reject the IP address. These rules can be defined by the user. Fail2Ban can read multiple log files such as sshd or Apache web server ones.