A Password Protection Service

Fail2ban

© bluebay, 123rf.com

© bluebay, 123rf.com

Author(s):

Fail2ban is a quick to deploy, easy to set up, and free to use intrusion prevention service that protects your systems from brute force and dictionary attacks.

Special Thanks: This article was made possible by support from Linux Professional Institute

Several security measures do not protect your systems from compromise, including security by obscurity (i.e., changing ports), intrusion detection (after the fact monitoring and reporting), and poor password policies (allowing non-complex passwords). The better method for protecting your systems is to implement intrusion prevention measures. Fail2ban is one such solution. It scans logs to check for attacks before they occur and blocks the offending host’s access prior to any compromises or break-ins.

Malicious attackers know that passwords are the weakest link in the security chain. They also know that with enough time they can break even the best passwords. Rather than allowing attackers to make attempt after attempt, Fail2ban stops them on their first round of attempts. Any password-protected service such as SSH, FTP, IMAP, POP3, Sendmail, and others are susceptible to brute force and dictionary attacks, because username/password combinations are inherently weak protections.

[...]

Use Express-Checkout link below to read the full article (PDF).

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More

News