annotate modules/fail2ban/manifests/init.pp @ 324:b0928653dfc2

Blacklist more users, including sshd, ftpadmin and a cPanel tool
author IBBoard <dev@ibboard.co.uk>
date Sun, 01 Mar 2020 19:57:21 +0000
parents edd1e3b444e7
children a79ad974a548
rev   line source
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
1 class fail2ban (
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
2 $firewall_cmd,
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
3 ) {
# Install fail2ban from the node's package provider.
package { 'fail2ban':
  ensure => 'installed',
}

# Keep the daemon running now and enabled at boot.
service { 'fail2ban':
  ensure => 'running',
  enable => true,
}

# Collector override for every File resource tagged 'fail2ban'. Puppet tags a
# resource with the name of the class that declares it, so this covers the
# file resources declared in this class: each one is ordered after the package
# and restarts/reloads the service (via notify) when its content changes.
# NOTE(review): a collector's attribute block can override attributes the
# matched resources already set; the firewall-ban.conf resource in this class
# declares `ensure => link` - confirm it is still managed as a symlink.
# NOTE(review): no owner/group/mode is set on any of these files here, so they
# depend on defaults defined elsewhere. fail2ban actions normally execute as
# root, so confirm the files end up root-owned and not group/world-writable.
File<| tag == 'fail2ban' |> {
  ensure  => 'present',
  require => Package['fail2ban'],
  notify  => Service['fail2ban'],
}

# Local overrides and the custom APF action, all served from this module's
# files directory.
file {
  '/etc/fail2ban/fail2ban.local':
    source => 'puppet:///modules/fail2ban/fail2ban.local';

  '/etc/fail2ban/jail.local':
    source => 'puppet:///modules/fail2ban/jail.local';

  '/etc/fail2ban/action.d/apf.conf':
    source => 'puppet:///modules/fail2ban/apf.conf';
}

# Map the requested firewall to the fail2ban action file name: plain
# 'iptables' is translated to 'iptables-multiport'; any other value is used
# verbatim as the action name.
# NOTE(review): $firewall_cmd is an untyped class parameter and is
# interpolated into the link target below without any check. An empty or
# unexpected value would leave firewall-ban.conf pointing at a non-existent
# action file - consider constraining it to the action names this module
# actually supports.
$firewall_ban_cmd = $firewall_cmd ? {
  'iptables' => 'iptables-multiport',
  default    => $firewall_cmd,
}

# Stable alias for the chosen ban action: a symlink named firewall-ban.conf
# pointing at the selected action file in the same directory.
file { '/etc/fail2ban/action.d/firewall-ban.conf':
  ensure => 'link',
  target => "/etc/fail2ban/action.d/${firewall_ban_cmd}.conf",
}
# Site-specific filter definitions, copied from this module's files directory
# into fail2ban's filter.d. What each filter matches is defined in the .conf
# files themselves, which are not part of this manifest.
file {
  '/etc/fail2ban/filter.d/ibb-apache-exploits-instaban.conf':
    source => 'puppet:///modules/fail2ban/ibb-apache-exploits-instaban.conf';

  '/etc/fail2ban/filter.d/ibb-apache-shellshock.conf':
    source => 'puppet:///modules/fail2ban/ibb-apache-shellshock.conf';

  '/etc/fail2ban/filter.d/ibb-repeat-offender.conf':
    source => 'puppet:///modules/fail2ban/ibb-repeat-offender.conf';

  '/etc/fail2ban/filter.d/ibb-repeat-offender-ssh.conf':
    source => 'puppet:///modules/fail2ban/ibb-repeat-offender-ssh.conf';

  '/etc/fail2ban/filter.d/ibb-postfix-spammers.conf':
    source => 'puppet:///modules/fail2ban/ibb-postfix-spammers.conf';

  '/etc/fail2ban/filter.d/ibb-postfix-malicious.conf':
    source => 'puppet:///modules/fail2ban/ibb-postfix-malicious.conf';

  '/etc/fail2ban/filter.d/ibb-postfix.conf':
    source => 'puppet:///modules/fail2ban/ibb-postfix.conf';

  '/etc/fail2ban/filter.d/ibb-sshd.conf':
    source => 'puppet:///modules/fail2ban/ibb-sshd.conf';
}

3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
61 $bad_users = [
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
62 '[^0-9a-zA-Z]+',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
63 '[0-9]+',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
64 '[0-9a-zA-Z]{1,3}',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
65 '([0-9a-z])\2{2,}',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
66 'abused',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
67 'adm',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
68 'Admin',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
69 'admins?[0-9]+',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
70 'administr[a-z]+', # administracion, administrador, administradorweb, administrator, etc
294
d49def2d04ae Blacklist more SSH users
IBBoard <dev@ibboard.co.uk>
parents: 293
diff changeset
71 'admissions',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
72 'altibase',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
73 'alumni',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
74 'amavisd?',
295
90525117ab81 Blacklist more SSH users
IBBoard <dev@ibboard.co.uk>
parents: 294
diff changeset
75 'amministratore',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
76 'anwenderschnittstelle',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
77 'anonymous',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
78 'ansible',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
79 'aptproxy',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
80 'apt-mirror',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
81 'ark(server)?',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
82 'asterisk',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
83 'audio',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
84 'auser',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
85 'autologin',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
86 'avahi',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
87 'avis',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
88 'backlog',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
89 'backup(s|er|pc|user)?',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
90 'bash',
308
edd1e3b444e7 Blacklist more users on SSH including bugzilla
IBBoard <dev@ibboard.co.uk>
parents: 305
diff changeset
91 'batch',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
92 'beagleindex',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
93 'bf2',
305
38e35360a390 Blacklist hive, polkitd, cinstall and more as SSH logins
IBBoard <dev@ibboard.co.uk>
parents: 297
diff changeset
94 '.*bitbucket',
324
b0928653dfc2 Blacklist more users, including sshd, ftpadmin and a cPanel tool
IBBoard <dev@ibboard.co.uk>
parents: 308
diff changeset
95 'bind',
293
55762b436f89 Add more blacklisted SSH usernames
IBBoard <dev@ibboard.co.uk>
parents: 292
diff changeset
96 'bitcoin',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
97 'bitnami',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
98 'bitrix',
308
edd1e3b444e7 Blacklist more users on SSH including bugzilla
IBBoard <dev@ibboard.co.uk>
parents: 305
diff changeset
99 'bkroot',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
100 'blog',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
101 'boinc',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
102 'botmaster',
308
edd1e3b444e7 Blacklist more users on SSH including bugzilla
IBBoard <dev@ibboard.co.uk>
parents: 305
diff changeset
103 'bugzilla',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
104 'build',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
105 'buscador',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
106 'cacti(user)?',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
107 'carrerasoft',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
108 'catchall',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
109 'celery',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
110 'cemergen',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
111 'centos',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
112 'chef',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
113 'cgi',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
114 'chromeuser',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
115 'cinema',
305
38e35360a390 Blacklist hive, polkitd, cinstall and more as SSH logins
IBBoard <dev@ibboard.co.uk>
parents: 297
diff changeset
116 'cinstall',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
117 'cisco',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
118 'clamav',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
119 'cliente?[0-9]*',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
120 'clouduser',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
121 'com',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
122 'comercial',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
123 'control',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
124 'couchdb',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
125 'cpanel',
324
b0928653dfc2 Blacklist more users, including sshd, ftpadmin and a cPanel tool
IBBoard <dev@ibboard.co.uk>
parents: 308
diff changeset
126 'cpanelrrdtool',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
127 'create',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
128 'cron',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
129 '(cs(s|go|cz)|arma|mc|tf2?|sdtd|web|pz)-?se?rve?r?',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
130 'cs-?go1?',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
131 'CumulusLinux!',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
132 'cyrus[0-9]*',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
133 'daemon',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
134 'danger',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
135 'darwin',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
136 'dasuse?r',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
137 'data',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
138 'debian(-spamd)?',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
139 'default',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
140 'dell',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
141 'deploy(er)?[0-9]*',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
142 'desktop',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
143 'developer',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
144 'devdata',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
145 'devops',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
146 'devteam',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
147 'dietpi',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
148 'discordbot',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
149 'disklessadmin',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
150 'django',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
151 'dmarc',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
152 'dockeruser',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
153 'dotblot',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
154 'download',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
155 'dovecot',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
156 'dovenull',
294
d49def2d04ae Blacklist more SSH users
IBBoard <dev@ibboard.co.uk>
parents: 293
diff changeset
157 'duplicity',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
158 'easy',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
159 'ec2-user',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
160 'ecquser',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
161 'edu(cation)?[0-9]*',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
162 'e-shop',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
163 'elastic',
293
55762b436f89 Add more blacklisted SSH usernames
IBBoard <dev@ibboard.co.uk>
parents: 292
diff changeset
164 'elsearch',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
165 'engin(eer)?',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
166 'esadmin',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
167 'events',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
168 'exports?',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
169 'facebook',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
170 'factorio',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
171 'fax',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
172 'fcweb',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
173 'fetchmail',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
174 'filter',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
175 'firebird',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
176 'firefox',
324
b0928653dfc2 Blacklist more users, including sshd, ftpadmin and a cPanel tool
IBBoard <dev@ibboard.co.uk>
parents: 308
diff changeset
177 'ftp(admin)?',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
178 'fuser',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
179 'games',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
180 'gdm',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
181 'geniuz',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
182 'getmail',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
183 'ggc_user',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
184 'ghost',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
185 'git(olite?|blit|lab(_ci)?|admi?n?|use?r)?',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
186 'gmail',
294
d49def2d04ae Blacklist more SSH users
IBBoard <dev@ibboard.co.uk>
parents: 293
diff changeset
187 'gmodserver',
d49def2d04ae Blacklist more SSH users
IBBoard <dev@ibboard.co.uk>
parents: 293
diff changeset
188 'gnuhealth',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
189 'gopher',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
190 'government',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
191 'guest',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
192 'hacker',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
193 'hadoop',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
194 'haldaemon',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
195 'harvard',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
196 'hduser',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
197 'headmaster',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
198 'helpdesk',
305
38e35360a390 Blacklist hive, polkitd, cinstall and more as SSH logins
IBBoard <dev@ibboard.co.uk>
parents: 297
diff changeset
199 'hive',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
200 'home',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
201 'host',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
202 'httpd?',
294
d49def2d04ae Blacklist more SSH users
IBBoard <dev@ibboard.co.uk>
parents: 293
diff changeset
203 'httpfs',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
204 'huawei',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
205 'iamroot',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
206 'iceuser',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
207 'imscp',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
208 'info(rmix)?[0-9]*',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
209 'installer',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
210 'inventario',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
211 'java',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
212 'jboss',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
213 'jenkins',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
214 'jira',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
215 'jmeter',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
216 'jsboss',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
217 'juniper',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
218 'kafka',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
219 'kodi',
295
90525117ab81 Blacklist more SSH users
IBBoard <dev@ibboard.co.uk>
parents: 294
diff changeset
220 'kms',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
221 'legacy',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
222 'library',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
223 'libsys',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
224 'libuuid',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
225 'linode',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
226 'linux',
295
90525117ab81 Blacklist more SSH users
IBBoard <dev@ibboard.co.uk>
parents: 294
diff changeset
227 'localadmin',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
228 'logcheck',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
229 'login',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
230 'logout',
295
90525117ab81 Blacklist more SSH users
IBBoard <dev@ibboard.co.uk>
parents: 294
diff changeset
231 'logstash',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
232 'logview(er)?',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
233 'lsfadmin',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
234 'lynx',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
235 'magento',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
236 'mailer',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
237 'mailman',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
238 'mailtest',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
239 'maintain',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
240 'majordomo',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
241 'man',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
242 'mantis',
296
2f4d0ea4cb55 Blacklist Portuguese support, MapR, numbered Oracle and more
IBBoard <dev@ibboard.co.uk>
parents: 295
diff changeset
243 'mapruser',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
244 'marketing',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
245 'master',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
246 'membership',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
247 'messagebus',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
248 'minecraft',
305
38e35360a390 Blacklist hive, polkitd, cinstall and more as SSH logins
IBBoard <dev@ibboard.co.uk>
parents: 297
diff changeset
249 'mirc',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
250 'modem',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
251 'mongo(db|user)?',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
252 'monitor(ing)?',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
253 'more',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
254 'moher',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
255 'mpiuser',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
256 'mqadm',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
257 'musi[ck]bot',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
258 '(my?|pg)sq(ue)?l[0-9]*',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
259 'mythtv',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
260 'nagios',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
261 'named',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
262 'nasa',
296
2f4d0ea4cb55 Blacklist Portuguese support, MapR, numbered Oracle and more
IBBoard <dev@ibboard.co.uk>
parents: 295
diff changeset
263 'ncs',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
264 'nessus',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
265 'netadmin',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
266 'netdiag',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
267 'netdump',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
268 'network',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
269 'netzplatz',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
270 'newadmin',
295
90525117ab81 Blacklist more SSH users
IBBoard <dev@ibboard.co.uk>
parents: 294
diff changeset
271 'newuser',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
272 'nexus',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
273 'nfinity',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
274 'nfs',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
275 '(nfs)?nobody',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
276 'nginx',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
277 'noc',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
278 'node',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
279 'nothing',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
280 'NpC',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
281 'nux',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
282 'odoo',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
283 'odroid',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
284 'office',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
285 'omsagent',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
286 'onyxeye',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
287 'oozie',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
288 'openbravo',
294
d49def2d04ae Blacklist more SSH users
IBBoard <dev@ibboard.co.uk>
parents: 293
diff changeset
289 'openfire',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
290 'openvpn',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
291 'operador',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
292 'operator',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
293 'ops(code)?',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
294 'oprofile',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
295 'ora(cle|prod|vis)[0-9]*',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
296 'osmc',
295
90525117ab81 Blacklist more SSH users
IBBoard <dev@ibboard.co.uk>
parents: 294
diff changeset
297 'owncloud',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
298 'papernet',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
299 'passwo?r?d',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
300 'payments',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
301 'pay_?pal',
294
d49def2d04ae Blacklist more SSH users
IBBoard <dev@ibboard.co.uk>
parents: 293
diff changeset
302 'pdfbox',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
303 'pentaho',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
304 'php[0-9]*',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
305 'platform',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
306 'PlcmSpIp(PlcmSpIp)?',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
307 'plex',
305
38e35360a390 Blacklist hive, polkitd, cinstall and more as SSH logins
IBBoard <dev@ibboard.co.uk>
parents: 297
diff changeset
308 'polkitd?',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
309 'popd?3?',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
310 'popuser',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
311 'postfix',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
312 'p0stgr3s',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
313 'postgres',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
314 'postmaster',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
315 'pptpd',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
316 'print',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
317 'privoxy',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
318 'proba',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
319 'proxy',
295
90525117ab81 Blacklist more SSH users
IBBoard <dev@ibboard.co.uk>
parents: 294
diff changeset
320 'public',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
321 'puppet',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
322 'qhsupport',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
323 'rabbit(mq)?',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
324 'radiusd?',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
325 'readonly',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
326 'reboot',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
327 'recording',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
328 'redis',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
329 'redmine',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
330 'remote',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
331 'reports',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
332 'riakcs',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
333 'root[0-9]+',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
334 'rpc(user)?',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
335 'rpm',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
336 'RPM',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
337 'rtorrent',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
338 'rustserver',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
339 'sales[0-9]+',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
340 's?bin',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
341 '(samba|sshd|git|student|tomcat|abc|web|info|(vpn|appl?|my|db)?(dev|use?r|server|man|manager|mgr)|account)[0-9]*',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
342 'saslauth',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
343 'scan(n?er)?',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
344 'screen',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
345 'search',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
346 'sekretariat',
294
d49def2d04ae Blacklist more SSH users
IBBoard <dev@ibboard.co.uk>
parents: 293
diff changeset
347 'serverpilot',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
348 'service',
305
38e35360a390 Blacklist hive, polkitd, cinstall and more as SSH logins
IBBoard <dev@ibboard.co.uk>
parents: 297
diff changeset
349 'setup',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
350 '(s|u|ams|admin|inss|pro|web)?ftp(d|[_-]?use?r|home|_?test|immo)?[0-9]*',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
351 'sftponly',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
352 'shell',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
353 'shop',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
354 'sinusbot[0-9]*',
324
b0928653dfc2 Blacklist more users, including sshd, ftpadmin and a cPanel tool
IBBoard <dev@ibboard.co.uk>
parents: 308
diff changeset
355 'sirius',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
356 'smbguest',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
357 'smbuse?r',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
358 'smmsp',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
359 'socket',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
360 'software',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
361 'solarus',
308
edd1e3b444e7 Blacklist more users on SSH including bugzilla
IBBoard <dev@ibboard.co.uk>
parents: 305
diff changeset
362 'speech-dispatcher',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
363 'splunk',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
364 'sprummlbot',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
365 'squid',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
366 'squirrelmail[0-9]+',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
367 'srvadmin',
324
b0928653dfc2 Blacklist more users, including sshd, ftpadmin and a cPanel tool
IBBoard <dev@ibboard.co.uk>
parents: 308
diff changeset
368 'sshd',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
369 'sshusr',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
370 'staffc',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
371 'steam(cmd)?',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
372 'store',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
373 'stunnel',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
374 'superuser',
296
2f4d0ea4cb55 Blacklist Portuguese support, MapR, numbered Oracle and more
IBBoard <dev@ibboard.co.uk>
parents: 295
diff changeset
375 'suporte',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
376 'support',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
377 'svn(root)?',
293
55762b436f89 Add more blacklisted SSH usernames
IBBoard <dev@ibboard.co.uk>
parents: 292
diff changeset
378 'sybase',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
379 'sync[0-9]*',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
380 'sysadmin',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
381 'system',
305
38e35360a390 Blacklist hive, polkitd, cinstall and more as SSH logins
IBBoard <dev@ibboard.co.uk>
parents: 297
diff changeset
382 'teamspeak[234]?(-?use?r)?',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
383 'telkom',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
384 'telnetd?',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
385 'te?mp(use?r)?[0-9]*',
305
38e35360a390 Blacklist hive, polkitd, cinstall and more as SSH logins
IBBoard <dev@ibboard.co.uk>
parents: 297
diff changeset
386 'test((er?|ing|ftp|man|linux|use?r|u)[0-9]*|[0-9]+)?',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
387 '(test)?username',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
388 'text',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
389 'tomcat',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
390 'tools',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
391 'toor',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
392 'ts[23](se?rv(er)?|(musi[ck])?bot|sleep)?',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
393 'tss',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
394 'tunstall',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
395 'ubnt',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
396 'ubuntu',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
397 'unity',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
398 'universitaetsrechenzentrum', # University Computing Center
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
399 'upload[0-9]*',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
400 'user[0-9]*',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
401 'USERID',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
402 'username',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
403 'usuario',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
404 'uucp',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
405 'vagrant',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
406 'vbox',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
407 'ventrilo',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
408 'vhbackup',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
409 'virusalter',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
410 'vmadmin',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
411 'vmail',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
412 'vscan',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
413 'vyatta',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
414 'wanadoo',
308
edd1e3b444e7 Blacklist more users on SSH including bugzilla
IBBoard <dev@ibboard.co.uk>
parents: 305
diff changeset
415 'web',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
416 'weblogic',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
417 'webmaster',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
418 'webportal',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
419 'WinD3str0y',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
420 'wine',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
421 'wordpress',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
422 'wp-?user',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
423 'write',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
424 'www',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
425 'wwAdmin',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
426 '(www|web|coin|fax|sys|db2|rsync|tc)-?(adm(in)?|run|users?|data|[0-9]+)',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
427 'xbian',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
428 'xbot',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
429 'xmpp',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
430 'xoadmin',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
431 'yahoo',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
432 'yarn',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
433 'zabbix',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
434 'zimbra',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
435 'zookeeper',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
436 # And some passwords that turned up as usernames
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
437 '1q2w3e4r',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
438 'abc123',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
439 '0fordn1on@#\$%%\^&',
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
440 'P@\$\$w0rd',
297
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
441 'P@ssword1!',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
442 'Passwd123',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
443 'pass123?4?',
4f7315d7e869 Blacklist LOTS of usernames
IBBoard <dev@ibboard.co.uk>
parents: 296
diff changeset
444 'qwer?[0-9]+',
292
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
445 ]
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
446
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
# Install the custom sshd "bad user" filter. Its body is rendered from the
# module's EPP template, which is handed $bad_users (presumably the array that
# ends just above). Entries in that list are regex fragments, not literal
# names (e.g. 'mongo(db|user)?'), so metacharacters in new entries need
# escaping, as the '\$' and '\^' entries already do.
# NOTE(review): the template is not visible here - confirm it anchors the
# generated alternation to the whole username; otherwise short entries such as
# 'nfs' or 'web' could match inside longer, legitimate account names.
# NOTE(review): some entries ('ubuntu', 'vagrant', 'puppet') are real login
# accounts on some hosts - check the list against accounts that actually log
# in over SSH before this filter is used in a jail.
# NOTE(review): owner/group/mode are not set on this resource, unlike
# /var/log/fail2ban.log later in this class - confirm they are pinned by a
# collector or File default, since Puppet leaves unspecified attributes of an
# existing file unmanaged.
file { '/etc/fail2ban/filter.d/ibb-sshd-bad-user.conf':
  content => epp(
    'fail2ban/ibb-sshd-bad-user.epp',
    { 'bad_users' => $bad_users }
  ),
}
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
# Make sure fail2ban's own log exists: one of our rules checks that log, and
# the service dies if the file is missing. No content/source is set, so an
# existing log is left as it is; only existence, ownership and mode are managed.
# Root-only access (0600) keeps the ban records away from other local users.
# NOTE(review): presumably also matched by the File<| tag == 'fail2ban' |>
# collector at the top of the class, which adds notify => Service['fail2ban'];
# if log rotation recreates the file with another mode, each Puppet run would
# then correct it and restart the service - confirm the rotation config
# creates it as root:root 0600.
file { '/var/log/fail2ban.log':
  ensure => present,
  mode   => '0600',
  owner  => 'root',
  group  => 'root',
}
3e04f35dd0af Turn Fail2ban setup into a module
IBBoard <dev@ibboard.co.uk>
parents:
diff changeset
457 }