[CentOS] Interpreting logwatch

Wed Sep 8 13:52:54 UTC 2010
Matthew Miller <mattdm at mattdm.org>

On Wed, Sep 08, 2010 at 02:47:46PM +0100, Timothy Murphy wrote:
> Thanks, I'll try that.
> I had heard of fail2ban , but was slightly put off by the strange name;
> what exactly is the name meant to convey?

"to" as in the sense of "moving to", or "converting to". Failures (login
failures normally, but other errors or log patterns can be used) cause the
triggering IP address to be banned. (Or another action to be taken.)

This is excellent for preventing brute-force ssh attacks.

-- 
Matthew Miller           mattdm at mattdm.org          <http://mattdm.org/>