Fail2ban
Fail2ban rules are used to prevent SSH Brute Force.
SSH Brute Force means that attackers will try many passwords or pass-phrases to compromise the SSH login information of YMP. The attacker systematically checks all possible passwords and pass-phrases until the correct one is found.
Go to , the default Fail2ban rule is displayed as below.
If an IP exceeds 5 failed SSH login attempts within 10 minutes, the IP will be blocked for 10 minutes.
- Banned Duration: Configure the duration (in minutes) for an IP to be banned for. "0" means a permanent ban.
- Max Retry Duration: During the specific period, if an IP exceeds the maximum times of retry, the IP will be banned.
- Max Retry: The maximum number of attempts to access the server.