[asterisk-users] asterisk and fail2ban
Terry Brummell
terry at brummell.net
Thu Mar 31 07:52:33 CDT 2011
Your delay is due to the amount of time the F2B script takes to read the log file, and due to how often it is called. I do not believe it is a realtime event. Say, every minute it's called to read the log and act. I'm not sure of the exact numbers, but you get the idea....
From: vip killa
Sent: Thu 3/31/2011 8:17 AM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [asterisk-users] asterisk and fail2ban
Back to the original question, for those of you using Fail2Ban,
Does it take an unusually high amount of break-in attempts before attackers are banned?
I have it set to 5 attempts in fail2ban but usually, the attacker is able to make over 100 attempts before fail2ban bans them.
I've tried this using asterisk's /var/log/asterisk/messages and /var/log/messages with same results.
Perhaps someone else is experiencing this or has resolved it, thank you.
On Thu, Mar 31, 2011 at 4:05 AM, Gordon Henderson <mailto:gordon%2Basterisk at drogon.net> wrote:
On Wed, 30 Mar 2011, Terry Brummell wrote:
Yah, sounds simple, how do you set it up to do this? Fail2Ban was
pretty easy, if it's that easy, why was F2B even created?
It's easy for me because I read an undestand how things work, and deal with Linux firewalling in a daily basis. Fail2ban is an (almost) drop-in solution which requires minimal thinking - just a few lines in a config file to edit. (and python which I don't have installed on my systems)
Gordon
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com/ --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20110331/3e81c752/attachment.htm>
More information about the asterisk-users
mailing list