SquidGuard is a URL redirector used to use blacklists with the proxysoftware Squid. There are two big advantages to squidguard: it is fast and it is free.
fail2ban
Installation
Download the source:
cd /extra/src
wget http://voxel.dl.sourceforge.net/project/fail2ban/fail2ban-stable/fail2ban-0.8.4/fail2ban-0.8.4.tar.bz2
tar jxf fail2ban-0.8.4.tar.bz2
cd fail2ban-0.8.4
Run the installation script. fail2ban will be installed in /usr/share/fail2ban/
and /usr/bin/
, configuration files will be in /etc/fail2ban
:
./setup.py install
Automatic startup
There's a number of different ways to get fail2ban to start automatically (rc.d/init.d script, rc.local, xinetd). We're going to use daemontools.
If you haven't already, install daemontools.
Create a directory for the fail2ban service:
mkdir -m 1755 /var/service/fail2ban
cd /var/service/fail2ban
Create the run script and make it executable:
echo '#!/bin/sh' > run
echo 'exec 2>&1' >> run
echo 'exec fail2ban-client -f' >> run
chmod 755 run
Our log script comes from John Simpson's:
mkdir -m 755 log
cd log
wget http://qmail.jms1.net/scripts/service-any-log-run
mv service-any-log-run run
chmod 755 run
Finally, add the service to daemontools by creating the symbolic link in /service
ln -s /var/service/fail2ban /service/fail2ban
Confirm that the service is running:
svstat /service/fail2ban /service/fail2ban/log
Resources
Fail2ban and iptables
Analyzing Apache Log Files
Monitoring the fail2ban log
Fail2ban monitoring Fail2ban
- Log in to post comments