RapidFX

fail2ban on CentOS

4/4/2010



wget http://downloads.sourceforge.net/project/fail2ban/fail2ban-stable/fail2ban-0.8.4/fail2ban-0.8.4.tar.bz2
tar -xjvf fail2ban-0.8.4.tar.bz2
cd fail2ban-0.8.4
python setup.py install


vi /etc/fail2ban/jail.conf
Scroll down to:


bantime = 600


Change to 1200
(these are in seconds)

Scroll to:
ignoreip = 127.0.0.1


Add your IP's that you want whitelisted seperated by a space.
scroll down to:


[ssh-iptables]
enabled = false


change to true

find:
sendmail-whois[name=SSH, dest=user@mail.com
change to the email address you want reports sent to.


cp files/redhat-initd /etc/init.d/fail2ban
chkconfig --add fail2ban
chkconfig fail2ban on
service fail2ban start
enjoy.