need to ban repeat ftp attacks from an IP

Discussion in 'Installation/Configuration' started by rlischer, Aug 17, 2009.

  1. rlischer

    rlischer Member

    fail2ban is emailing me every 10 minutes about the same ip it keeps banning for pureftp attacks. Can I ban this IP forever somewhere?

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Use e.g. this command:

    /sbin/route add -host reject
  3. rlischer

    rlischer Member

    Thanks till
  4. lano

    lano Member

    Or you can put ban in iptables for specific service.
    Here is how I do it:
    iptables -I INPUT -p tcp -s 123.456.789.234 --dport ftp -j REJECT --reject-with tcp-reset
  5. rlischer

    rlischer Member

    Thanks! My attacks have really died down since fail2ban started working.

Share This Page