Author - StudySection Post Views - 68 views
Fail2ban tool

How to use Fail2ban tool to block Intruder trying to connect to the server using ssh

Step 1: Run the update command to fetch the latest repos
sudo apt-get update

Step 2: To upgrade the packages
sudo apt-get upgrade

Step 3: Run the below command to install the fail2ban tool
sudo apt-get install fail2ban

Step 4: Start and enable the tool by using the below commands.
sudo systemctl start fail2ban
sudo systemctl enable fail2ban

Step 5: Now you need to create a new configuration file to use in fail2ban tool
sudo nano /etc/fail2ban/jail.local.conf
In the newly created file, paste the following contents:
[sshd] enabled = true
port = 22
filter = sshd
logpath = /var/log/auth.log
maxretry = 3

Step 6: Restart the fail2ban service after updating the configuration file.
sudo systemctl restart fail2ban

Step 7: Test tool and then unbanned the IP address which you think is your own.
sudo fail2ban-client set sshd unbanip <IP_ADDRESS>

Note: Below the command to learn more about this tool, and features.
man fail2ban

People having good command over the French language can get a French certification from StudySection. StudySection offers both beginner level and expert level French Certification Exams to test the ability to communicate in the French language.

Leave a Reply

Your email address will not be published.