Fail2Ban on Centos

Fail2Ban is a small service to block unwanted traffic to you server. I use it to block ssh,and postfix loggins in to my virtual hosts.
Fail2Ban scans the service loggfiles and if it find any strange traffik like ssh bruteforce. That ip will be blocket for some time.
All settings are done in /etc/fail2ban/ folder.


Have  epel repo aktivated on server tha run

 yum install fail2ban

Then do your local config in

vi /etc/fail2ban/jail.conf

Activate and restart fail2ban

chkonfig fail2ban on
/etc/init.d/fail2ban restart


If you looking for more advanced host based monitoring OSSEC ( )is i realy nice tool
And it handels many agente to one server.