fail2ban (EN)

Tool

Tool for protection against brute-force attacks through IP bans

Architecture

flowchart LR   A[Attacker] -->|Failed login attempts| B[Server]   B --> C[Log files]   C --> D[fail2ban]   D -->|Check| E[Rules]   E -->|Threshold exceeded| F[Firewall]   F -->|IP ban| G[Blocked IP]   G -->|Prevents| A

In Context

Typically used together with iptables, nftables or firewalld
Related to: Intrusion Detection System (IDS), Intrusion Prevention System (IPS)
Example use: Protection of SSH services against automated attacks

Quelle: AI Generated