A Password Protection Service

Fail2ban

Author(s): By Ken Hess

Fail2ban is a quick to deploy, easy to set up, and free to use intrusion prevention service that protects your systems from brute force and dictionary attacks.

Special Thanks: This article was made possible by support from Linux Professional Institute

Several security measures do not protect your systems from compromise, including security by obscurity (i.e., changing ports), intrusion detection (after the fact monitoring and reporting), and poor password policies (allowing non-complex passwords). The better method for protecting your systems is to implement intrusion prevention measures. Fail2ban is one such solution. It scans logs to check for attacks before they occur and blocks the offending host’s access prior to any compromises or break-ins.

Malicious attackers know that passwords are the weakest link in the security chain. They also know that with enough time they can break even the best passwords. Rather than allowing attackers to make attempt after attempt, Fail2ban stops them on their first round of attempts. Any password-protected service such as SSH, FTP, IMAP, POP3, Sendmail, and others are susceptible to brute force and dictionary attacks, because username/password combinations are inherently weak protections.

[...]

Use Express-Checkout link below to read the full article (PDF).