questions:
logging connections to a file?
is it possible to allow root access from only local network and if someone tries to access it from outside they wouldnt be able to do so?
is it possible to configure it so after someone from outside tries to connect for too many times unsuccessfully that ip gets blacklisted? (unless it has connected successfully before)
#configuring ssh
summer onyx
toxic sable
@summer onyx 1) fail2ban 2) ufw/ip whitelist 3)fail2ban
Fail2ban scans log files (e.g. /var/log/httpd/error_log) and bans IPs that show the malicious signs like too many authentication attempts, scanning for vulnerabilities, etc.
Additionally, if the attacker knows your IP address, they could send packets with a spoofed source header and get your IP address banned. Make sure to specify your IP in ignoreip.
pacman -S fail2ban
fail2ban-client
cd /etc/fail2ban/
cp jail.conf jail.local
cp fail2ban.conf fail2ban.local
edit the local one
summer onyx
@toxic sable hey, i am configuring fail2ban rn, could you explain what findtime does?
and how do i set multiple IP's for ignoreip
summer onyx
<@357177300053262347> 1) fail2ban 2) ufw/ip whitelist 3)fail2ban
and how do i set up ufw/ip whitelist?
summer onyx
Hey @toxic sable ?