For an open MySQL server
in /etc/mysql/my.cnf
general_log_file = /var/log/mysql/mysql.log
general_log = 1
in /usr/share/fail2ban/server/datedetector.py
# YYMMDD HH:MM:SS MySQL
template = DateStrptime()
template.setName("YearMonthDay Hour:Minute:Second")
template.setRegex(r"\d{2}\d{2}\d{2} \d{2}:\d{2}:\d{2}")
template.setPattern("%y%m%d %H:%M:%S")
self.__templates.append(template)
in /etc/fail2ban/filter.d/mysqld.conf
[Definition]
failregex = Access denied for user '.*'@'<HOST>'
ignoreregex =
in /etc/fail2ban/jail.conf
[mysql]
enabled = true
port = 3306
filter = mysqld
logpath = /var/log/mysql/mysql.log
maxretry = 3
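
Added example (not part of the original post and not fail2ban's own code): a small Python check that runs the date template and failregex from the post above over constructed MySQL general-log lines and reports which ones would count as failures. The <HOST> expansion is a simplified stand-in, and the untimestamped and space-padded-hour line layouts are assumptions about what the log may contain.

```python
import re
from datetime import datetime

# Values copied from the post above.
DATE_REGEX = r"\d{2}\d{2}\d{2} \d{2}:\d{2}:\d{2}"
DATE_PATTERN = "%y%m%d %H:%M:%S"
FAILREGEX = r"Access denied for user '.*'@'<HOST>'"

# Simplified stand-in for fail2ban's <HOST> tag (assumption: IPv4 or hostname).
HOST_GROUP = r"(?P<host>\d{1,3}(?:\.\d{1,3}){3}|[\w.-]+)"
FAIL_RE = re.compile(FAILREGEX.replace("<HOST>", HOST_GROUP))
DATE_RE = re.compile(DATE_REGEX)

# Constructed sample lines modelled on a MySQL general log (not real data).
SAMPLE_LOG = [
    "120101 12:00:01\t   42 Connect\tAccess denied for user 'root'@'203.0.113.5' (using password: YES)",
    # Assumed layout: no timestamp when the second has not changed.
    "\t\t   43 Connect\tAccess denied for user 'admin'@'203.0.113.5' (using password: YES)",
    # Assumed layout: hour padded with a space instead of a zero.
    "120101  9:05:03\t   44 Connect\tAccess denied for user 'root'@'198.51.100.7' (using password: NO)",
    "120101 12:00:02\t   45 Query\tSELECT 1",
]

def classify(line):
    """Return (status, timestamp, host) for one log line."""
    fail = FAIL_RE.search(line)
    if fail is None:
        return ("no-match", None, None)
    date = DATE_RE.search(line)
    if date is None:
        # A failure line with no parsable date cannot be counted by the jail.
        return ("no-date", None, fail.group("host"))
    when = datetime.strptime(date.group(0), DATE_PATTERN)
    return ("hit", when, fail.group("host"))

def count_hits(lines):
    """Count usable failures per host, the figure compared with maxretry."""
    hits = {}
    for line in lines:
        status, _, host = classify(line)
        if status == "hit":
            hits[host] = hits.get(host, 0) + 1
    return hits

if __name__ == "__main__":
    for line in SAMPLE_LOG:
        print(classify(line)[0], "|", line.expandtabs(2))
    print(count_hits(SAMPLE_LOG))
```

On a real host, fail2ban-regex /var/log/mysql/mysql.log /etc/fail2ban/filter.d/mysqld.conf runs the same check with fail2ban's actual parser.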
To counter DFIND scans against Apache
in /etc/fail2ban/jail.conf
[apache-w00tw00t]
enabled = true
filter = apache-w00tw00t
port = http,https
logpath = /var/log/apache2/access*.log
maxretry = 1
in /etc/fail2ban/filter.d/apache-w00tw00t.conf
[Definition]
failregex = ^<HOST> -.*"GET \/w00tw00t\.at\.ISC\.SANS\.DFind\:\).*".*
ignoreregex =