In this video we’ll examine just how quickly and aggressively attacks start flooding in when a server is exposed to the internet, and explore how these attacks can be automatically detected and blocked using Fail2Ban. We’ll also cover how to serve out harsher penalties for repeat offenders, and discuss the importance of tuning the configuration for your particular environment.
References:
Fail2Ban Wiki: https://www.fail2ban.org
Fail2Ban on GitHub: https://github.com/fail2ban/fail2ban
Timecodes:
0:00 Introduction
0:45 How bad is the internet?
1:21 Account lockouts aren’t the answer
2:28 Punish the attacker, not the victim
4:28 A more refined fail2ban config
6.13 More jails for more services
7:06 Stricter bans for recidivism
8:20 Exempt trusted IPs from bans
8:56 Fail2ban limitations
Credits:
Intro/Outro Music: Render Prism: • Render Prism [Creative Commons] (via Argofox: / argofox )
Diagram icons designed by OpenMoji (https://openmoji.org/) CC BYSA 4.0