ClearOS Bug Tracker


View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0015691ClearOSapp-attack-detector - Attack Detectorpublic2017-07-11 17:032019-02-23 22:23
Reportercjones 
Assigned Todloper 
PrioritylowSeverityfeatureReproducibilityhave not tried
StatusassignedResolutionopen 
PlatformOSOS Version
Product Version7.3.0 
Target Version7.6.0 UpdatesFixed in Version 
Summary0015691: Feature Add - fail2ban
DescriptionReference ticket number 550491;
Created joe-recidive.conf in /etc/fail2ban/jail.d
[recidive]
enabled = true
maxretry = 3
bantime = 2419200 ; 4 week
findtime = 345600 ; 4 day
I also adjusted the bantimes in the other conf's to 86400 (1 day), so my find time in recidive is set to 4 days.
I am going to see how this works. Maybe adjust bantime to something longer like 12 weeks
The recidive filter in fail2ban, monitors the fail2ban log file. In this case my fail2ban bans ip's for 1 day. If the recidive filter finds 3 occurances in the fail2ban log it will ban it for 4 weeks.
The other solution has it merits that it bans all ports, not just the attacked port.
TagsNo tags attached.
Attached Files

- Relationships

-  Notes
There are no notes attached to this issue.

- Issue History
Date Modified Username Field Change
2017-07-11 17:03 cjones New Issue
2017-07-11 17:08 dloper Assigned To => dloper
2017-07-11 17:08 dloper Status new => assigned
2019-02-23 22:23 dloper Target Version => 7.6.0 Updates