Fail2Ban is an intrusion prevention framework written in the Python. It ban IP’s that makes too many failed attempts or performs any other unwanted action within a time frame defined, using iptables, thus helping the system admin to prevent attacks.
Though its very helpful, in an office network that has only one public IP and multiple users accessing the same server, there are chances that IP’s gets blocked more frequently. For Eg, let the setting be like 3 failed attempts on ssh port in 60 mins will block the IP for 2 hours. If 5 systems in a network access the server and any 3 of them makes one failed attempt, the IP gets blocked.No Comments | Read More...