FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 05-08-2011, 05:49 PM
David Mehler
 
Default fail2ban and secure permissions

Hello,
Has anyone got fail2ban working and blocking ssh spambot atempts? My
ssh is logging with a facility of authpriv which syslogd sends to
/var/log/secure. That file has 600 permissions owned and group of
root. I want to make it where fail2ban can access the needed file, yet
not make it insecure in the process. I was not wanting to change
permissions last time I did that on a log file a cron daily report
kept noting it. I'd appreciate any suggestions.
Thanks.
Dave.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 05-08-2011, 06:00 PM
Ljubomir Ljubojevic
 
Default fail2ban and secure permissions

David Mehler wrote:
> Hello,
> Has anyone got fail2ban working and blocking ssh spambot atempts? My
> ssh is logging with a facility of authpriv which syslogd sends to
> /var/log/secure. That file has 600 permissions owned and group of
> root. I want to make it where fail2ban can access the needed file, yet
> not make it insecure in the process. I was not wanting to change
> permissions last time I did that on a log file a cron daily report
> kept noting it. I'd appreciate any suggestions.
> Thanks.
> Dave.
> _______________________________________________
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
>
If you fail to setup fail2ban, use denyhosts instead. I use it for 3-4
years.

Ljubomir
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 05-08-2011, 06:04 PM
Eero Volotinen
 
Default fail2ban and secure permissions

2011/5/8 David Mehler <dave.mehler@gmail.com>:
> Hello,
> Has anyone got fail2ban working and blocking ssh spambot atempts? My
> ssh is logging with a facility of authpriv which syslogd sends to
> /var/log/secure. That file has 600 permissions owned and group of
> root. I want to make it where fail2ban can access the needed file, yet
> not make it insecure in the process. I was not wanting to change
> permissions last time I did that on a log file a cron daily report
> kept noting it. I'd appreciate any suggestions.

Well. fail2ban runs as root as it modified iptables rules? So, no need
to modify file access?

--
Eero
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 01:10 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org