9 Oct
2010
9 Oct
'10
7:38 p.m.
On 09/10/10 18:43, Andy Smith wrote:
Hi Martin,
On Sat, Oct 09, 2010 at 06:24:12PM +0100, Martin Halford wrote:
You are right - setting findtime=600 under [ssh] in jail.local (copied
from jail.conf) eliminates one of the warnings. So the warnings are
probably not important.
At the moment I've only SSH enabled (Debian default in jail.conf).
Entries are starting to appear in the log file again - I suppose when
fail2ban was first started it parsed the auth.log file and immediately
banned everything that had multiple failed logins.
Thanks, Martin.
I decided to install fail2ban today but get the
following warnings on my
VPS (Debian Lenny). Google didn't come up with a solution. The strange
thing is that all the (many) failed SSH login attempts seem to have
disappeared in auth.log, although I see myself login if I tail auth.log
I see the reload in fail2ban.log, but no other activity
Any thoughts - here's the reload...
vs1:~# fail2ban-client reload
WARNING 'findtime' not defined in 'apache-noscript'. Using default value
Any reason to believe it's not just as it says?
Aside from the warnings what leads you to believe it isn't working?
I would recommend disabling jails that you aren't using, though.
Cheers,
Andy