This shows you the differences between two versions of the page.
Both sides previous revision Previous revision | |||
linux:security [2016/10/07 18:21] tkilla [apparmor] |
linux:security [2016/10/20 00:56] (current) tkilla |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== Security ====== | ====== Security ====== | ||
+ | |||
+ | ===== fail2ban ===== | ||
+ | |||
+ | Important and sometimes tricky. some hints: | ||
+ | |||
+ | * if your iptables default policiy is ACCEPT in INPUT chain, use "CHAIN = FORWARD" | ||
+ | * to activate mail, you need to set the default action to: " | ||
+ | * If you have redirected ports via iptables, you need to block both, like port = 3306,33306 | ||
+ | * [mysqld-auth] mariadb always logs to / | ||
+ | * iptables -nvL # show packets | ||
+ | * iptables -v -x -n -L # ..too | ||
+ | * fail2ban-regex / | ||
+ | * fail2ban-client status | ||
===== apparmor ===== | ===== apparmor ===== |