How To Configure Fail2ban to ban bots for longer periord of time
Posted: Wed Jun 20, 2018 4:06 pm
Hi,
I was analysing my fail2ban logs and exim4 logs and found that there are multiple failed logins into SSH and mail. fail2ban ban IP after 5 max try for 10mins, but the bots continue the attack after unban.
1) How to change the default ban time from 10mins to something else.
2)How to ban IPs that were baned more than 5 times in last 24hours for longer duration like a week/month.
3)How to block dynamic IPs based on common hostname (chickenkiller.com) attacking mail.
4) Is CSF is what I am looking for? viewtopic.php?f=20&t=10209
Thank You
I was analysing my fail2ban logs and exim4 logs and found that there are multiple failed logins into SSH and mail. fail2ban ban IP after 5 max try for 10mins, but the bots continue the attack after unban.
1) How to change the default ban time from 10mins to something else.
2)How to ban IPs that were baned more than 5 times in last 24hours for longer duration like a week/month.
3)How to block dynamic IPs based on common hostname (chickenkiller.com) attacking mail.
4) Is CSF is what I am looking for? viewtopic.php?f=20&t=10209
Thank You