Mercurial > repos > other > Puppet
view common/fail2ban/ibb-sshd-bad-user.conf @ 199:69df692e9c09 puppet-3.6
Blacklist more usernames we'll never see that come in SSH probes
| author | IBBoard <dev@ibboard.co.uk> |
|---|---|
| date | Sat, 11 May 2019 09:17:38 +0100 |
| parents | 23c4f6a38b57 |
| children | 80b2fdd7ddfd |
line wrap: on
line source
# Fail2Ban configuration file # Author: IBBoard [Definition] # Option: failregex # Notes.: regex to match the password failures messages in the logfile. The # host must be matched by a group named "host". The tag "<HOST>" can # be used for standard IP/hostname matching and is only an alias for # (?:::f{4,6}:)?(?P<host>[\w\-.^_]+) # Values: TEXT # failregex = Failed password for invalid user ([0-9a-z][0-9a-z]?|ec2-user|postgres|oracle|nagios|git(olit|lab)?|ftpuser|hadoop|zabbix|student|ubuntu|teamspeak3?|ts3(server|bot)?|jsboss|guest|csgo(server|srv)|minecraft|tomcat|applmgr|usuario|nexus|weblogic|vagrant|zimbra|jira|vyatta|qhsupport|cemergen|redmine|sinusbot|debian|asterisk|aptproxy|facebook|linode|kodi|mongodb|oraprod|proftpd|weblogic|harvard) from <HOST> port [0-9]+ ssh2 # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT # ignoreregex =