Differences

This shows you the differences between two versions of the page.

--- linux:security [2016/10/07 18:21]
tkilla [apparmor]
+++ linux:security [2016/10/20 00:56] (current)
tkilla
@@ Line 1: / Line 1: @@
 ====== Security ======
+===== fail2ban =====
+Important and sometimes tricky. some hints:
+  * if your iptables default policiy is ACCEPT in INPUT chain, use "CHAIN = FORWARD"
+  * to activate mail, you need to set the default action to: "action = %(action_mwl)s" or "action = %(action_mw)s" - mails are off by default!
+  * If you have redirected ports via iptables, you need to block both, like port     = 3306,33306
+  * [mysqld-auth] mariadb always logs to /var/log/syslog and /var/log/daemon, so set that as logpath
+  * iptables -nvL # show packets
+  * iptables -v -x -n -L # ..too
+  * fail2ban-regex /var/log/auth.log /etc/fail2ban/filter.d/sshd.conf   # test, if reges matchs
+  * fail2ban-client status
 ===== apparmor =====

fr33.info