LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 10-08-2009, 04:18 PM   #1
SuperDude123
Member
 
Registered: Nov 2008
Posts: 158

Rep: Reputation: 30
Fail2ban problem or normal?


When I did:
/etc/init.d/fail2ban status

I got:
Status of authentication failure monitor:/var/run/fail2ban/fail2ban.sock not readable, status of fail2ban is unknown failed!


Is this normal?

Also, how do I know if my fail2ban is up to date?
 
Old 10-08-2009, 05:13 PM   #2
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,214

Rep: Reputation: 1683Reputation: 1683Reputation: 1683Reputation: 1683Reputation: 1683Reputation: 1683Reputation: 1683Reputation: 1683Reputation: 1683Reputation: 1683Reputation: 1683
Quoting from the manual:
Quote:
If fail2ban-server crashes (does it?), it is possible that the socket file has not been removed correctly. The -x option tells the server to delete the socket file before start-up. If the socket file of a running server is removed, it is not possible to communicate with this server anymore.
.So run
Code:
ps -ef|grep fail2ban
and see if the -x option is used. If it's not, I guess you can add it in the appropriate function in the startup script.

To check if you run the latest version, use
Code:
fail2ban-server -V
Regards
 
Old 10-08-2009, 05:40 PM   #3
SuperDude123
Member
 
Registered: Nov 2008
Posts: 158

Original Poster
Rep: Reputation: 30
The short hand of it was I got this:

When I did

ps -ef|grep fail2ban

I got:

root 1741 1 0 18:21 ? 00:00:01 /usr/bin/python /usr/bin/fail2ban-server -b -s /var/run/fail2ban/fail2ban.sock

How do I add the -x option?


Now before the reply, I had uninstalled failed2band, and reinstalled it, but when I ran this

fail2ban-server -V

I got

Fail2Ban v0.8.3


Now when I still run the option of
/etc/init.d/fail2ban status

I get:
Status of authentication failure monitor:/var/run/fail2ban/fail2ban.sock not readable, status of fail2ban is unknown failed!


yet oddly, when my friends try to connect to my server and intentionally use the wrong passwords, it still locks them out.
 
Old 02-26-2016, 04:16 PM   #4
Warehouseman
LQ Newbie
 
Registered: Feb 2016
Posts: 1

Rep: Reputation: Disabled
The answer to your problem is too simple. There is nothing wrong with fail2ban. It's socket file isn't readable because you lack the necessary privileges.

Just run with sudo and you'll be fine.

Code:
sudo /etc/init.d/fail2ban status
 
1 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
fail2ban install qwertyjjj Linux - Newbie 3 08-08-2009 04:11 AM
Need help with fail2ban regex jakev383 Linux - Security 6 12-07-2008 09:35 AM
Fail2ban and Firestarter baldur2630 Linux - Software 2 09-29-2008 05:46 AM
Strange problem with fail2ban markoh Linux - Security 0 02-29-2008 01:41 AM
Weird problem with fail2ban miza Linux - Software 0 10-28-2006 09:57 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 03:37 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration