Difference between revisions of "Fail2Ban installation"

From Kolmisoft Wiki
Jump to navigationJump to search
(Created page with 'This is small guide how to install http://en.wikipedia.org/wiki/Fail2ban Fail2Ban which will fight against brute-force attacks to your Asterisk server. Our script is made by…')
 
m
 
(12 intermediate revisions by 2 users not shown)
Line 1: Line 1:
This is small guide how to install [[http://en.wikipedia.org/wiki/Fail2ban Fail2Ban]] which will fight against brute-force attacks to your Asterisk server.
This is small guide how to install [http://en.wikipedia.org/wiki/Fail2ban Fail2Ban] which will protect against brute-force attacks to your Asterisk server.


Our script is made by instructions made in [[http://www.voip-info.org/wiki/view/Fail2Ban+%28with+iptables%29+And+Asterisk this manual]].
Our script is made by instructions described in [http://www.voip-info.org/wiki/view/Fail2Ban+%28with+iptables%29+And+Asterisk this manual].


To install this script execute following commands:
To install this script on MOR system execute following commands:


* cd /usr/src/mor/sh_scripts/
* cd /usr/src/mor/sh_scripts/
Line 9: Line 9:
* ./fail2ban_install.sh
* ./fail2ban_install.sh


It will install Fail2Ban and iptables (if they were not present).
It will install Fail2Ban and [http://en.wikipedia.org/wiki/Iptables iptables] (if they were not present).


You can check log at ''/var/log/fail2ban.log'' to see what IPs were blocked.
You can check log at ''/var/log/fail2ban.log'' to see what IPs were blocked.
Line 15: Line 15:
IP will be blocked if it tries to register to your Asterisk server 5 times without luck.  
IP will be blocked if it tries to register to your Asterisk server 5 times without luck.  


It will be unbanned after 10 minutes. Most of the times this is enough for attacker to forget about your server.
It will be unbanned after 10 minutes. Most of the times this is enough for attacker to forget about your server and go out to search for other victim.
 
<br><br>
---------
<br><br>
 
If you need to install Fail2Ban separately on Centos, use this script: [[File:Fail2ban_install.sh|Fail2ban_install.sh]]
 
* Make sure ruby, wget and python are installed:
yum -y install python ruby wget
* Download it to your server:
cd /usr/src
wget -c http://wiki.kolmisoft.com/images/e/e8/Fail2ban_install.sh
chmod +x Fail2ban_install.sh
* Run it
./Fail2ban_install.sh
 
Script will do everything automatically:
 
* Will check if Asterisk is installed
* Will backup old Fail2Ban configuration (if exists)
* Will check if iptables are installed, will install if not
* Will check/fix Asterisk logger.conf file to work with Fail2Ban
* Will install Fail2Ban
* Will set local addresses to ignore (to not block ourselves)
* Will start Fail2Ban/iptables

Latest revision as of 12:18, 7 December 2010

This is small guide how to install Fail2Ban which will protect against brute-force attacks to your Asterisk server.

Our script is made by instructions described in this manual.

To install this script on MOR system execute following commands:

  • cd /usr/src/mor/sh_scripts/
  • ./upgrade_install_script.sh
  • ./fail2ban_install.sh

It will install Fail2Ban and iptables (if they were not present).

You can check log at /var/log/fail2ban.log to see what IPs were blocked.

IP will be blocked if it tries to register to your Asterisk server 5 times without luck.

It will be unbanned after 10 minutes. Most of the times this is enough for attacker to forget about your server and go out to search for other victim.






If you need to install Fail2Ban separately on Centos, use this script: File:Fail2ban install.sh

  • Make sure ruby, wget and python are installed:
yum -y install python ruby wget
  • Download it to your server:
cd /usr/src
wget -c http://wiki.kolmisoft.com/images/e/e8/Fail2ban_install.sh
chmod +x Fail2ban_install.sh
  • Run it
./Fail2ban_install.sh

Script will do everything automatically:

  • Will check if Asterisk is installed
  • Will backup old Fail2Ban configuration (if exists)
  • Will check if iptables are installed, will install if not
  • Will check/fix Asterisk logger.conf file to work with Fail2Ban
  • Will install Fail2Ban
  • Will set local addresses to ignore (to not block ourselves)
  • Will start Fail2Ban/iptables