#Fail2ban

aaron ~# :blinkingcursor: neuroexception@infosec.exchange
2025-06-15

This is just beautiful. The project uses #MariaDB to store all the collected data. It makes heavy use of #API endpoints which will be a top priority not only for the internal workings. My focus mostly lies in making this as flexible as possible so people can configure it exactly as they need it. Configuration will be in #yaml.

What I got so far is:

  • packet capturing (from client, sent to the control server)
  • a webhook (which will be a drop-in replacement for #Discord's since a lot of services support sending logs to discord webhooks)

What's planned:

  • Log file monitoring (like #Fail2Ban, but more advanced and easier to configure)
  • A fully featured dashboard which visualizes the data and gives you control and a transparent overview of your network activity.
  • IP banning (multiple ways to make it flexible)
  • Maybe even some advanced responses (like reporting all ports as open for nmap scans)

I would be very interested to know what you think. Ideas, criticism and questions are very welcome. As soon as the base is working, I will push it to #Github.

#developement #coding #sideproject #homelab #security #networking #monitoring #xdr

A screenshot of a database containing IP addresses and some geolocation data.
A screenshot of a dashboard showing a list of IP addresses with a flag of their country to the left of it.

aaron ~# :blinkingcursor: neuroexception@infosec.exchange
2025-06-14

I've already done a webhook similar to #discord's and will also implement #logfile #monitoring to replace #Fail2Ban.

On average, my primary public-facing reverse proxy has around 1,200 banned IPs (via fail2ban.)

#fail2ban #cybersecurity #security

aaron ~# :blinkingcursor: neuroexception@infosec.exchange
2025-06-10

God damn, I never liked notifications until now.

#fail2ban #security #ip #ban #automation #sysadmin #linux #abuseipdb

A screenshot of an IP ban notification to a discord webhook showing detailed information about the geolocation and reports of the IP.

aaron ~# :blinkingcursor: neuroexception@infosec.exchange
2025-06-10

I finally finished my #Fail2Ban setup and am quite happy with the result. I've got #discord and #email notifications, global IP banning (on all servers) and automatic reporting to #abuseipdb based on multiple factors. This is awesome.

I'm so happy that I took the time to set up #Authelia as it's a breeze to #protect a single #endpoint and cover 70-80% of all services.

#homelab #selfhosting #linux #security #sso #oidc #OpenIDConnect

aaron ~# :blinkingcursor: neuroexception@infosec.exchange
2025-06-07

I came across the #Fail2Ban #docker image from #linuxserverio and thought to myself that it's finally time to set up Fail2Ban. I admit I never used it before and it was a bit difficult to add it to my #playbook as all of my #servers have different services and therefore different #logfile paths, but that's nothing #jinja #templating can't fix.

Now that I've got #Discord notifications for banned #IPs, it's time to work on actual #IPblocking. I also want to use the #IPComplaint and #AbuseIPDB actions as I really like the idea of reporting abuse (even though I have no idea how effective that may be).

I may also want to replace the discord #webhook with #email notifications later as that's mostly the reason I've set up a #mailserver ( #stalwart ) in the first place.

I mean, most of my services are only accessible from #tailscale or my #homenetwork, but since #Ansible makes it so much easier to apply higher standards, I just can't resist. My #homelab is changing every day and I think setting up additional #security, even though I don't need it yet, is never a bad idea.

#networking #badactors #firewall #automation #linux #selfhosting #homeserver

2025-06-06

Anyone out there have experience writing custom filters for fail2ban? I'm trying to write my first one for Apache on AlmaLinux 8 and running into problems. I’m not sure if the problem is the regex or the fact that I’m trying to scan multiple log files using wildcards in the logpath. I would be happy to pay for a few hours of consulting time. #SysAdmin #fail2ban

2025-06-06

Thanks to #sourcehut support, who suggested I might have a #fail2ban rule blocking their server and indeed I had. I had such tunnel vision from the blocklist it never occurred to me to check...

2025-06-05

#reaction 's v2.0.0 is published!
In the article: #rust rewrite, #nlnet grant and roadmap for upcoming months.

reaction is a software which aims to replace #fail2ban on UNIX servers, while being faster, more flexible, and nicer to configure.

blog.ppom.me/en-reaction-v2

Many thanks to @nlnet for their support!

2025-06-05

#reaction v2.0.0 is published!
On the agenda: rewrite in #rust, #nlnet grant, and roadmap for the coming months.

reaction is software that aims to replace #fail2ban on UNIX servers, while being faster, more flexible, and more pleasant to configure.

blog.ppom.me/fr-reaction-v2

Simon Skoczylas giftkugel@ruhr.social
2025-06-04

More UI improvements

Added possibility to sort the banned entries

github.com/webishdev/fail2ban-

#fail2ban #security #golang #docker #podman #container

Carl O.S. © carloshr@lile.cl
2025-06-02

A few days ago I enabled fail2ban on a server I have in the cloud. Today I checked the logs and the number of login attempts really strikes me as impressive.

#fail2ban #Linux

eternaltyro eternaltyro
2025-05-30

@osm_tech please also integrate or similar to frustrate AI scrapers. I too would like to read the cause and remediation in detail with rationale for if you can.

OpenStreetMap Ops Team osm_tech@en.osm.town
2025-05-29

Fixed. The #OSM wiki.openstreetmap.org is back up to speed. We've been able to mitigate the bot traffic. #fail2ban

Simon Skoczylas giftkugel@ruhr.social
2025-05-29

Improved the UI a bit 😃

Now with flags 😅 ☺️

github.com/webishdev/fail2ban-

#fail2ban #dashboard #golang #security

OpenStreetMap Ops Team osm_tech@en.osm.town
2025-05-29

Unfortunately the #OpenStreetMap wiki is very slow today. We are fighting an aggressive web scraper bot. 10,000 of IPs involved. Randomised User-Agent. Ignoring robots.txt #aibot #ddos

Update: Fixed. We've been able to mitigate the bot traffic. #fail2ban

Jakke Lehtonen Jagster@www.eksis.one
2025-05-28

Hiding the default host from the world with Nginx

The logs often show junk like this: 167.94.138.189 - - [28/May/2025:13:31:24 +0300] "GET /favicon.ico HTTP/1.1" 404 146 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)" Another one that gets knocked on a lot is GET "/.env", the root, favicon or robots.txt. If you filter based on the user-agent, those never get caught. The reason is that no default host has been defined, so Nginx sends all requests to the configured domains' […]

eksis.one/palvelimet/oletushos

2025-05-27

The nice thing is when fail2ban works. The bad thing about it: when fail2ban works.

Fat sausage fingers and entering a password before the third coffee...

#ausgesperrt #fail2ban #linux #opensource #security

Comunitatea Linux România clr@comunitatealinux.ro
2025-05-26

How to prevent Brute-Force attacks using Fail2ban

SSH and FTP are two of the most exploited network protocols. Hackers use complex automated tools to guess the username and password and then break into your system. With good security practices, you can reduce most security risks. And with Fail2ban, you can reduce the risk of a security breach even further by being proactive in securing your servers or computers. What is Fail2ban? Fail2ban […]

comunitatealinux.ro/cum-sa-pre
