Quote:
Originally Posted by butchrappe
I did the "yum install fail2ban-all"
There are a couple filenames I see under /etc - but they don't exist. Very strange.
When I look at the fail2ban.conf file, it doesn't have the content that the online text discusses.
I was trying to follow: www.the-aret-of-web.com/system/fail2ban
I'd like to understand this a little better and make sure it's not allowing any "defaults" that can
be exploited.
I started fail2ban, and will put it in the startup script.
Also restarted httpd. So, for now it's running. Is there a log I can follow? Or is it all under messages?
Thanks so much !
Butch
|
Butch:
the 'log' is specified in the section titled
Code:
# Option: logtarget
by the authors at
http://pastie.org/private/ntqzl0flbwxcqfkslgtqcw#2,34
This came right out of the from fail2ban-server-0.9-9.el7.noarch.rpm
I did not 'see' any fail2ban.conf in the two RPMs I checked...
If yours is running without issue, check /var/log/fail2ban.log using
Code:
less /var/log/fail2ban.log
or
Code:
tail -f /var/log/fail2ban.log
for live polling.
http://www.the-art-of-web.com/system/fail2ban-howto/ seems ok to me.