ClearOS Bug Tracker

Main | My View | View Issues | Change Log | Roadmap | Repositories
  

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0010951ClearOSapp-attack-detector - Attack Detectorpublic2016-10-17 08:452021-11-09 05:29
Reporterdloper 
Assigned To 
PrioritynormalSeverityfeatureReproducibilityalways
StatusclosedResolutionsuspended 
PlatformOSOS Version
Product Version7.2.0 Updates 
Target VersionFixed in Version 
Summary0010951: Add perma-ban to attack detector
DescriptionAdd permanent bans to attack detector. This guide demonstrates the concept.

http://stuffphilwrites.com/2013/03/permanently-ban-repeat-offenders-fail2ban/ [^]
TagsNo tags attached.
Attached Files

- Relationships

-  Notes
(0004041)
dloper (administrator)
2016-10-17 15:36
edited on: 2016-10-17 15:38

 550491

test-recidive.conf in /etc/fail2ban/jail.d

[recidive]
enabled = true
maxretry = 3
bantime = 2419200 ; 4 week
findtime = 345600 ; 4 day

I also adjusted the bantimes in the other conf's to 86400 (1 day), so my find time in recidive is set to 4 days.

I am going to see how this works. Maybe adjust bantime to something longer like 12 weeks

The recidive filter in fail2ban, monitors the fail2ban log file. In this case my fail2ban bans ip's for 1 day. If the recidive filter finds 3 occurances in the fail2ban log it will ban it for 4 weeks.
(0015961)
NickH (developer)
2021-11-09 05:29

 Migrated to https://gitlab.com/clearos/clearfoundation/app-attack-detector/-/issues/13 [^]

- Issue History
Date Modified Username Field Change
2016-10-17 08:45 dloper New Issue
2016-10-17 09:28 user2 Target Version 7.3.0 Beta 1 =>
2016-10-17 09:28 user2 Status new => confirmed
2016-10-17 15:36 dloper Note Added: 0004041
2016-10-17 15:38 dloper Note Edited: 0004041 View Revisions
2021-11-09 05:29 NickH Note Added: 0015961
2021-11-09 05:29 NickH Status confirmed => closed
2021-11-09 05:29 NickH Resolution open => suspended