Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
D
D
Dim Boy2015-12-20 09:59:14
System administration
Dim Boy, 2015-12-20 09:59:14

How to make Fail2Ban block bad protocol in auth.log?

I changed the ssh port, now there are fewer forwardings in auth.log, but these are the ones left (a lot of the same ip):

sshd[21061]: Did not receive identification string from 177.94.136.61
sshd[25933]: Bad protocol version identification 'guest' from 118.41.56.148 port 59853

Active filters
ssh
ssh-ddos
ssh-route
ssh-iptables-ipset4

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
S
sim3x, 2015-12-20
@sim3x

Tip https://github.com/fail2ban/fail2ban/issues/332
https://darrynvt.wordpress.com/tag/custom-fail2ban... www.fail2ban.org/wiki/index.php/Fail2ban:Community
. ..

Report
D
Dim Boy, 2015-12-22
@twix007

Changed in /etc/fail2ban/filter.d/sshd-ddos.conf:
on the
I'm waiting for the result in the logs.
https://github.com/fail2ban/fail2ban/issues/332
again...
sshd[14773]: Did not receive identification string from 110.166.179.192

Similar questions
S
SaimonTamerlanov2020-10-20 16:52:18
Where should the system administrator store information? 11Reply
B
by_EL2022-02-23 15:44:58
Proxmox with Docker container? 4Reply
B
Bohdan Zadorozhniy2020-10-21 13:07:50
When creating two servers on ISPconfig 3 error, how to fix it? 0Reply
S
sl1m_dogg2016-08-05 15:17:36
How to open a port on a server for outside access, nginx? 1Reply
B
beginer1232016-08-05 18:30:39
Connecting to postgresql 9.5 db via pgAdmin? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question