Mercurial > repos > other > Puppet

annotate common/fail2ban/ibb-sshd-bad-user.conf @ 203:6813609829e3 puppet-3.6

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Blacklist more usernames no-one will ever log in with
author IBBoard <dev@ibboard.co.uk>
date Wed, 29 May 2019 19:51:42 +0100
parents 80b2fdd7ddfd
children ef5dadecfb0b
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
197
23c4f6a38b57 Make Fail2Ban SSH rules more agressive
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
1 # Fail2Ban configuration file
23c4f6a38b57 Make Fail2Ban SSH rules more agressive
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
2 # Author: IBBoard
23c4f6a38b57 Make Fail2Ban SSH rules more agressive
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
3
23c4f6a38b57 Make Fail2Ban SSH rules more agressive
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
4 [Definition]
23c4f6a38b57 Make Fail2Ban SSH rules more agressive
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
5
23c4f6a38b57 Make Fail2Ban SSH rules more agressive
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
6 # Option: failregex
23c4f6a38b57 Make Fail2Ban SSH rules more agressive
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
7 # Notes.: regex to match the password failures messages in the logfile. The
23c4f6a38b57 Make Fail2Ban SSH rules more agressive
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
8 # host must be matched by a group named "host". The tag "<HOST>" can
23c4f6a38b57 Make Fail2Ban SSH rules more agressive
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
9 # be used for standard IP/hostname matching and is only an alias for
23c4f6a38b57 Make Fail2Ban SSH rules more agressive
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
10 # (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
23c4f6a38b57 Make Fail2Ban SSH rules more agressive
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
11 # Values: TEXT
23c4f6a38b57 Make Fail2Ban SSH rules more agressive
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
12 #
203
6813609829e3 Blacklist more usernames no-one will ever log in with
IBBoard <dev@ibboard.co.uk>
parents: 201
diff changeset
13 failregex = Failed password for invalid user ([0-9a-z][0-9a-z]?|ec2-user|postgres|oracle|nagios|git(olit|lab)?|ftpuser|hadoop|zabbix|student|ubuntu|teamspeak3?|ts3(server|bot)?|jsboss|guest|csgo(server|srv)|minecraft|tomcat|applmgr|usuario|nexus|weblogic|vagrant|zimbra|jira|vyatta|qhsupport|cemergen|redmine|sinusbot|debian|asterisk|aptproxy|facebook|linode|kodi|mongodb|oraprod|proftpd|weblogic|harvard|www(admin|run|user)|uuu|sshd[0-9]*|squid|write|rpcuser|WinD3str0y|sshusr|devteam|gmail|inssftp|master|nfsnobody) from <HOST> port [0-9]+ ssh2
197
23c4f6a38b57 Make Fail2Ban SSH rules more agressive
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
14
23c4f6a38b57 Make Fail2Ban SSH rules more agressive
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
15 # Option: ignoreregex
23c4f6a38b57 Make Fail2Ban SSH rules more agressive
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
16 # Notes.: regex to ignore. If this regex matches, the line is ignored.
23c4f6a38b57 Make Fail2Ban SSH rules more agressive
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
17 # Values: TEXT
23c4f6a38b57 Make Fail2Ban SSH rules more agressive
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
18 #
23c4f6a38b57 Make Fail2Ban SSH rules more agressive
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
19 ignoreregex =