Fail2ban Questions

bltst2

• February 20, 2014 10:20

I don't mean to hijack this thread, but has anyone used Fail2Ban to reactivate ban IPs that are doing this type of brute force attempts? I've setup what I think is a good REGEX failregex = \[\] .*(?:rejected by local_scan|Unrouteable address) login authenticator failed for .* \[\]: 535 Incorrect authentication data \(set_id=.*\)\s*$ logpath = /var/log/exim_rejectlog /var/log/exim_mainlog But, it's not working...Any thoughts? Anyone every use Fail2Ban to ban these type of attempts?

• 

  Infopro

  • February 20, 2014 19:10

  Post moved to it's own thread.

  0
• 

  vanessa

  • February 21, 2014 01:28

  I've had clients use it and it seems to do the job

  0

Please sign in to leave a comment.