Managing fail2ban to ban malicious IP addresses
Every public-facing system is bombarded with automated attacks all the time.
The fail2ban
tool monitors your log files and acts as soon as it discovers malicious behavior in the way you told it to. One common use case is blocking malicious IP addresses by establishing firewall rules on the fly using iptables
.
In this section, we'll look at how to set up a basic protection for SSH using fail2ban and iptables
.
Getting ready
Make sure that you have a cookbook named my_cookbook
and that the run_list
of your node includes my_cookbook
, as described in the Creating and using cookbooks recipe in Chapter 1, Chef Infrastructure.
Make sure that you have created the ssh.erb
template for your iptables
rule as described ...
Get Chef Cookbook - Third Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.