Douglas Muth on 22 Mar 2009 18:48:56 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Fail2ban (was: Re: 'logcheck')

On Sun, Mar 22, 2009 at 8:19 PM,  <> wrote:
> => process started the daemon, and 6 login attempts later, all traffic
> => from that host was dropped via iptables.
> Six login attempts? You're very generous. I ban hosts after 3 attempts. I
> also changed the banned period from the default to one hour.

Just to clarify, 6 attempts is the default config for fail2ban in Ubuntu 8.04.

If I had to guess, the number is 6 because each attempt to ssh in
allows the user 3 tries.  And I know I've exceeded 3 tries before when
I thought I was logging into a different machine, for example.

(Then I started using SSH keys and that was no longer a problem :-)

-- Doug
Philadelphia Linux Users Group         --
Announcements -
General Discussion  --