8 May
2011
8 May
'11
8:04 p.m.
2011/5/8 David Mehler dave.mehler@gmail.com:
Hello, Has anyone got fail2ban working and blocking ssh spambot atempts? My ssh is logging with a facility of authpriv which syslogd sends to /var/log/secure. That file has 600 permissions owned and group of root. I want to make it where fail2ban can access the needed file, yet not make it insecure in the process. I was not wanting to change permissions last time I did that on a log file a cron daily report kept noting it. I'd appreciate any suggestions.
Well. fail2ban runs as root as it modified iptables rules? So, no need to modify file access?
-- Eero