Installing free2ban on Ubuntu

First thing to do is install it from the repository, I’m making the assumption that you are already connected to the internet.

The default configuration is configured in the file /etc/fail2ban/jail.conf it’s suggested at the top of the file that we create a file called /etc/fail2ban/jail.local that overrides the default file, as the original file will get overwriten when the package gets upgraded over time.

Use the original file as a templace to jail.local

The only service that has external exposure past my firewall is ssh, so as you can see, that is the only service that’s enabled. I’ve also ignored my own private class B network (ignore ip) since that doesn’t get routed past my home router anyway.

I’ve also changed the bantime to 6 hours, I think I’ll keep an eye on my log files for a while. Might be interesting reading (for me anyway) to see where these attempts are coming from (mostly China) is my guess so it will be good to see if my theories hold out 🙂
Continue reading