13 Aug
2012
13 Aug
'12
4:38 p.m.
Hello Mark,
On Mon, 2012-08-13 at 09:26 -0400, m.roth@5-cent.us wrote:
We're seeing on a few of our servers - and sometimes it's only occasionally on some of those - where fail2ban's running happily, AFAIK, but there's an attack (from China, Brazil, etc) on ssh, and they don't seem to be banned; I see many, many sorries for wrong username or password.
Known issue: https://bugzilla.redhat.com/show_bug.cgi?id=833056 . Presumably the default notifier pyInotify is bugged so fail2ban will *not* notice logs being rotated and read from the rotated log file (which doesn't receive updates anymore).
You need to set backend=gamin in jail.conf.
Regards, Leonard.
--
mount -t life -o ro /dev/dna /genetic/research