Difference between revisions of "Talk:Brute Force Dictionary Attack on Dovecot"

From Free Knowledge Base- The DUCK Project: information for everyone
Jump to: navigation, search
(installation runlevels of fail2ban and iptables testing: new section)
 
 
(2 intermediate revisions by one user not shown)
Line 15: Line 15:
  
 
   su -c "iptables -D fail2ban-SSH -s 192.168.1.0 -j DROP"
 
   su -c "iptables -D fail2ban-SSH -s 192.168.1.0 -j DROP"
 +
 +
== WARNING 'ignoreregex' not defined in 'Definition'. Using default one: '' ==
 +
 +
On service start
 +
  service fail2ban start
 +
There is the following error:
 +
  WARNING 'ignoreregex' not defined in 'Definition'. Using default one: ''
 +
This can be corrected by adding the following line:
 +
  ignoreregex =
 +
To all active filter files in filter.d, such as
 +
  vi filter.d/postfix-sasl.conf
 +
 +
source: http://sourceforge.net/mailarchive/forum.php?thread_name=4834A375.4080706%40fail2ban.org&forum_name=fail2ban-users
 +
 +
ISSUE: '''RESOLVED'''
 +
 +
== WARNING 'actioncheck' not defined in 'Definition'. Using default one: '' ==
 +
 +
On service start
 +
  service fail2ban start
 +
There is the following error:
 +
  WARNING 'actioncheck' not defined in 'Definition'. Using default one: ''
 +
This can be corrected by adding the following line:
 +
  actioncheck =
 +
To all active action files in action.d, such as
 +
  vi action.d/iptables-multiport-tcp.conf
 +
 +
source: trial and error
 +
 +
ISSUE: '''RESOLVED'''

Latest revision as of 21:13, 7 February 2014

installation runlevels of fail2ban and iptables testing

Installation runlevels

 chkconfig fail2ban on  - makes fail2ban start with the sytem runlevels in rc.d/rc3.d at startup
 chkconfig fail2ban off - disables fail2ban from starting automatically at system startup
 chkconfig --level 23 fail2ban on - you can specify the runlevel to set the order it loads in relation to the other services
 chkconfig fail2ban on && service fail2ban start - set it to start at boot and get it started immediately

Restart IPtables, Fail2ban and check the status of the Fail2ban install:

 service iptables restart && service iptables status

Remove a ban from the Fail2ban SSH chain (change IP address):

 su -c "iptables -D fail2ban-SSH -s 192.168.1.0 -j DROP"

WARNING 'ignoreregex' not defined in 'Definition'. Using default one:

On service start

 service fail2ban start

There is the following error:

 WARNING 'ignoreregex' not defined in 'Definition'. Using default one: 

This can be corrected by adding the following line:

 ignoreregex =

To all active filter files in filter.d, such as

 vi filter.d/postfix-sasl.conf

source: http://sourceforge.net/mailarchive/forum.php?thread_name=4834A375.4080706%40fail2ban.org&forum_name=fail2ban-users

ISSUE: RESOLVED

WARNING 'actioncheck' not defined in 'Definition'. Using default one:

On service start

 service fail2ban start

There is the following error:

 WARNING 'actioncheck' not defined in 'Definition'. Using default one: 

This can be corrected by adding the following line:

 actioncheck =

To all active action files in action.d, such as

 vi action.d/iptables-multiport-tcp.conf

source: trial and error

ISSUE: RESOLVED