Advanced use of Fail2ban
- Fail2ban can be configured to do many other things.
- In principle, it monitors the log files of your choice, and then triggers actions.
- In the case of ssh, it monitors /var/log/auth.log and execute command iptables to ban IP addresses.
- Open the file /etc/fail2ban/jail.conf
- It already contains the lines to block attacks on the ftp server (vsftpd, wuftpd, proftpd ...), postfix, apache ...
You can start by replacing enabled=false