Codice: Seleziona tutto
apt-get install fail2ban
Codice: Seleziona tutto
vi /etc/fail2ban/jail.local
Codice: Seleziona tutto
[pureftpd]
enabled = true
port = ftp
filter = pureftpd
logpath = /var/log/syslog
maxretry = 3
[dovecot-pop3imap]
enabled = true
filter = dovecot-pop3imap
action = iptables-multiport[name=dovecot-pop3imap, port="pop3,pop3s,imap,imaps", protocol=tcp]
logpath = /var/log/mail.log
maxretry = 5
[sasl]
enabled = true
port = smtp
filter = sasl
logpath = /var/log/mail.log
maxretry = 3
Codice: Seleziona tutto
vi /etc/fail2ban/filter.d/pureftpd.conf
Codice: Seleziona tutto
[Definition]
failregex = .*pure-ftpd: \(.*@<HOST>\) \[WARNING\] Authentication failed for user.*
ignoreregex =
Codice: Seleziona tutto
vi /etc/fail2ban/filter.d/dovecot-pop3imap.conf
Codice: Seleziona tutto
[Definition]
failregex = (?: pop3-login|imap-login): .*(?:Authentication failure|Aborted login \(auth failed|Aborted login \(tried to use disabled|Disconnected \(auth failed|Aborted login \(\d+ authentication attempts).*rip=(?P<host>\S*),.*
ignoreregex =
Codice: Seleziona tutto
/etc/init.d/fail2ban restart
Ricevo la seguente mail (in locale, all'utente root)
Codice: Seleziona tutto
Error while processing /etc/awstats/awstats.conf
Error: SiteDomain parameter not defined in your config/domain file. You must edit it for using this version of AWStats.
Setup ('/etc/awstats/awstats.conf' file, web server or permissions) may be wrong.
Check config file, permissions and AWStats documentation (in 'docs' directory).

