Talk:Brute Force Dictionary Attack on Dovecot

From Free Knowledge Base- The DUCK Project: information for everyone
Jump to: navigation, search

installation runlevels of fail2ban and iptables testing

Installation runlevels 

 chkconfig fail2ban on  - makes fail2ban start with the sytem runlevels in rc.d/rc3.d at startup
 chkconfig fail2ban off - disables fail2ban from starting automatically at system startup
 chkconfig --level 23 fail2ban on - you can specify the runlevel to set the order it loads in relation to the other services
 chkconfig fail2ban on && service fail2ban start - set it to start at boot and get it started immediately

Restart IPtables, Fail2ban and check the status of the Fail2ban install: 

 service iptables restart && service iptables status

Remove a ban from the Fail2ban SSH chain (change IP address): 

 su -c "iptables -D fail2ban-SSH -s 192.168.1.0 -j DROP"

WARNING 'ignoreregex' not defined in 'Definition'. Using default one:

On service start 

 service fail2ban start

There is the following error: 

 WARNING 'ignoreregex' not defined in 'Definition'. Using default one:

This can be corrected by adding the following line: 

 ignoreregex =

To all active filter files in filter.d, such as 

 vi filter.d/postfix-sasl.conf

source: http://sourceforge.net/mailarchive/forum.php?thread_name=4834A375.4080706%40fail2ban.org&forum_name=fail2ban-users

ISSUE: RESOLVED

WARNING 'actioncheck' not defined in 'Definition'. Using default one:

On service start 

 service fail2ban start

There is the following error: 

 WARNING 'actioncheck' not defined in 'Definition'. Using default one:

This can be corrected by adding the following line: 

 actioncheck =

To all active action files in action.d, such as 

 vi action.d/iptables-multiport-tcp.conf

source: trial and error

ISSUE: RESOLVED

Retrieved from "http://wiki.robotz.com/index.php?title=Talk:Brute_Force_Dictionary_Attack_on_Dovecot&oldid=8196"