Changes

58 bytes added, 11:03, 22 April 2014
no edit summary
Line 15: Line 15:  
Fail2ban is typically set up to unban a blocked host within a certain period, so as to not "lock out" any genuine connections that may have been temporarily misconfigured. However, an unban time of several minutes is usually enough to stop a network connection being flooded by malicious connections, as well as reducing the likelihood of a successful dictionary attack.
 
Fail2ban is typically set up to unban a blocked host within a certain period, so as to not "lock out" any genuine connections that may have been temporarily misconfigured. However, an unban time of several minutes is usually enough to stop a network connection being flooded by malicious connections, as well as reducing the likelihood of a successful dictionary attack.
   −
{{Tip box|n'est pas seulement un outil contre les attaques par force brute sur SSH, mais il peut être un outil utile contre les attaques de protocole http ou [http://forums.contribs.org/index.php/topic,50162.msg252195.html#msg252195 spam] sur votre serveur. Voir la [[Fail2ban#Jail.conf |section prison]]}}
+
{{Tip box|Fail2ban n'est pas seulement un outil contre les attaques par force brute sur SSH, mais il peut être un outil utile contre les attaques de protocole http ou [http://forums.contribs.org/index.php/topic,50162.msg252195.html#msg252195 spam] sur votre serveur. Voir la [[Fail2ban#Jail.conf |section prison]]}}
    
=== Systèmes requis ===
 
=== Systèmes requis ===
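Review bot: The link label "section prison" in the added tip box translates "jail" literally, while the anchor it points to is still `Fail2ban#Jail.conf` and the fail2ban file is jail.conf; keeping the term "jail" (for example "section Jail.conf") would let readers match the label to the file they have to edit. The stray space before the pipe in `[[Fail2ban#Jail.conf |section prison]]` is carried over from the old line and could be dropped, and the paragraph directly above the tip box is still in English.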
Line 54: Line 54:  
{{note box| you have to install the fail2ban version of fws repository and not the epel version}}
 
{{note box| you have to install the fail2ban version of fws repository and not the epel version}}
   −
* Appply the needed configuration:
+
* Appliquer la configuration nécessaire :
    
  expand-template /etc/rc.d/init.d/masq
 
  expand-template /etc/rc.d/init.d/masq
 
  /etc/init.d/masq restart
 
  /etc/init.d/masq restart
 
  signal-event fail2ban-conf
 
  signal-event fail2ban-conf
or
+
ou
 
  signal-event post-upgrade; signal-event reboot
 
  signal-event post-upgrade; signal-event reboot
   −
{{warning box| Failing to run either of these command will completly lock network access next time iptables rules are reloaded}}
+
{{warning box| A défaut d'exécuter l'une de ces commandes, l'accès au réseau sera verrouillés le temps de recharger les règles d'iptables}}
    
=== Commandes DB ===
 
=== Commandes DB ===
there is no panel yet you can manage the contrib by the db configuration, it is quite simple
+
Il n'y à pas de panneau de configuration, vous pouvez encore gérer la contrib avec db cnfiguration, c'est assez simple.
    
  # config show fail2ban  
 
  # config show fail2ban  
Line 72: Line 72:  
     status=enabled
 
     status=enabled
   −
Available options are below:
+
Les options disponibles sont ci-dessous :
    
* '''IgnoreIP''': a comma separated list of IP or CIDR networks which will never be blocked by fail2ban. Exemple: 12.15.22.4,17.20.0.0/16. All your local networks and networks allowed to access the server-manager are already automatically whitelisted
 
* '''IgnoreIP''': a comma separated list of IP or CIDR networks which will never be blocked by fail2ban. Exemple: 12.15.22.4,17.20.0.0/16. All your local networks and networks allowed to access the server-manager are already automatically whitelisted
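Review bot: The translated lead-in "Les options disponibles sont ci-dessous :" now introduces a list whose entries are still in English, starting with the IgnoreIP line. That entry carries the detail a French reader most needs before adding addresses, namely that local networks and networks allowed to access the server-manager are already whitelisted automatically, so it should be translated in the same edit or the lead-in left as it was until the list is done.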
Line 82: Line 82:  
* '''MailRecipient''': if '''Mail''' is enabled, the email address which should receive ban notifications. Default is root (the admin account will receive)
 
* '''MailRecipient''': if '''Mail''' is enabled, the email address which should receive ban notifications. Default is root (the admin account will receive)
   −
After changing one of these settings, you need to apply it:
+
Ensuite, pour appliquer les changements :
 
  signal-event fail2ban-conf
 
  signal-event fail2ban-conf
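Review bot: The added line "Ensuite, pour appliquer les changements :" drops the condition and the obligation stated in the line it replaces ("After changing one of these settings, you need to apply it"). As written it reads as an optional next step, and a reader could change IgnoreIP or MailRecipient with the db command and assume the setting is live. Suggest "Après avoir modifié l'un de ces paramètres, vous devez l'appliquer :" so that it stays clear the `signal-event fail2ban-conf` call is required.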
  