Wednesday, August 25, 2010

*nix System Hardening - Step 1

If you run a Linux, FreeBSD, or MacOS system with ANY server services open to the world (Apache, SSH, FTP, etc.) take a look at fail2ban.

http://www.fail2ban.org

The idea of this little program is that it watches your log files for failed attempts to log in and bans the IP that repeatedly fails to log in (usually that means they are password guessing, and not a legitimate user)

DenyHosts does something similar for just SSH, but if you have other services open fail2ban is better.

No comments: