6e49545f15
Update jail.local
2018-01-20 20:11:13 -07:00
ddd121c997
Rename freeswitch-404.conf to fusionpbx-404.conf
2018-01-20 20:06:44 -07:00
1a95aeb331
Fail2ban - Fix the delimitter for the port range in jail.local.
2017-11-29 22:26:02 -07:00
21512467a7
Update jail.local
2017-11-29 19:43:52 -07:00
fe95015dc7
Update jail.local
2017-11-28 23:02:20 -07:00
78875548ae
Update jail.local
2017-11-28 22:52:03 -07:00
37ecd268db
Update jail.local
2017-10-09 11:33:17 -06:00
609ae00d86
Rename fusionpbx-invalid-mac.conf to fusionpbx-mac.conf
2017-10-09 11:32:37 -06:00
98e1afe8fe
Update jail.local
2017-10-08 23:58:24 -06:00
aa78b22568
Update jail.local
2017-10-08 23:49:05 -06:00
f91c4d3fb6
Update jail.local
2017-10-08 23:24:23 -06:00
f78137a767
Create fusionpbx-invalid-mac.conf
2017-10-08 22:43:19 -06:00
b0d9c28ab4
Update jail.local
2017-10-08 22:31:50 -06:00
d7273a3f5a
Update jail.local
2017-10-08 22:29:31 -06:00
a33131c8be
Ban on auth failure instead of challenge ( #113 )
...
Default fail2ban DoS ruleset looks for auth challenges, but auth challenges can be either successful or unsuccessful. Default rule causes problems with larger environments with many registered devices as they have many successful auth challenges with short registration periods.
By the time auth challenges can be made successfully in volume, it's far too late to be worrying about a DoS or brute force attempt - it's already too late. Rule change here will reduce false positives while still providing same level of useful protection.
Maybe also consider reducing maxretry count or increasing findtime in jail.local to catch true failed auth brute force or DoS attempts more easily in conjunction with above change.
This will be more sensitive in detection and should carry lower false positive rate.
2017-09-02 09:09:07 -06:00
db6815d315
Update jail.local
2017-06-06 23:15:08 -06:00
16451807dd
update the file permissions
2017-03-05 06:11:42 +00:00
e9a1ed3038
jail.local disable the ip ban by default
...
I think this is stopping beginners. Easy to enable.
2017-01-15 00:54:59 -07:00
922677a65e
Update jail.local
2016-11-25 22:00:58 -07:00
2e042cf201
Rename freeswitch-inbound.conf to freeswitch-404.conf
2016-11-25 21:30:15 -07:00
82efcb30d6
Update jail.local
2016-11-25 21:27:24 -07:00
ce06e5d79c
Update jail.local
2016-11-25 18:16:08 -07:00
2d0357b1b4
Rename freeswitch-404.conf to freeswitch-inbound.conf
2016-11-25 18:13:49 -07:00
cbe27f0e88
Create freeswitch-404.conf
...
Fail2ban add inbound routes 404 not found
2016-11-25 18:10:50 -07:00
76be73890e
Update nginx-404.conf
...
This will only match 404 results, not 404 bytes.
2016-10-26 12:02:48 -06:00
81d22845b8
Update jail.local
2016-10-26 11:54:02 -06:00
cc3ecea384
nginx-dos should block 443 as well. ( #36 )
2016-08-23 10:16:15 -06:00
3bf249ac43
Fix. Bun IP requests ( #25 )
2016-06-30 08:13:55 -06:00
53b9f40b40
Make ban action more reflective of the attack type ( #13 )
2016-05-28 18:39:14 -06:00
249b9d74a6
Update jail.local
...
Set the fail2ban to block only web interface for failed authentication attempts.
2016-05-28 13:01:48 -06:00
bf5a253f65
fixes for fail2ban ( #10 )
...
export the command line variables so sub scripts can use them
use sed to update log path is source is used
simplify freeswitch rules to use protocol=all
general tidy up of spacing in files
2016-05-28 12:09:45 -06:00
59516f7708
Add NGINX 404 and DOS filters
2016-05-04 15:58:38 -07:00
59e5c72f80
Update jail.source
2016-05-04 14:24:24 -06:00
81b42e420f
Update jail.package
...
Add a new filter for fail2ban - freeswitch-ip
2016-05-04 14:23:17 -06:00
544f9de6d8
Create freeswitch-ip.conf
2016-05-04 14:20:24 -06:00
5988b7ed7d
Add a shell install script.
2016-04-29 13:24:22 -06:00
FusionPBX
emaktech
root
Chris Black
Alexey Melnichuk
DigiDaz
Mafoo
blackc2004