Fail2ban
From Lolly's Wiki
Kategorie:Security Kategorie:Linux
Installation
Debian / Ubuntu
# apt-get install fail2ban
Configuration
To be secure on updates put your personal settings in the *.local files. This will protect them from overwriting through update procedures.
paths-overrides.local
I have date parts in my logfiles so the defaults from fail2ban would fail to find the logs.
# exim -bP log_file_path
log_file_path = /var/log/exim/%slog-%D
# doveadm log find
Looking for log files from /var/log
Debug: /var/log/dovecot/dovecot.debug-20160309
Info: /var/log/dovecot/dovecot.debug-20160309
Warning: /var/log/dovecot/dovecot.log-20160309
Error: /var/log/dovecot/dovecot.log-20160309
Fatal: /var/log/dovecot/dovecot.log-20160309
[DEFAULT]
dovecot_log = /var/log/dovecot/dovecot.log-*
exim_main_log = /var/log/exim/mainlog-*
jail.local
[DEFAULT]
bantime = 3600
#
[sshd]
enabled = true
[exim-spam]
enabled = true
[exim]
enabled = true
[sshd-ddos]
enabled = true
[dovecot]
enabled = true
[sieve]
enabled = true