Displaying the output of fail2ban-client -d on a default installation

Default installation on GNU/Linux Mint Sarah.

fail2ban-client -d
['set', 'syslogsocket', 'auto']
['set', 'loglevel', 'INFO']
['set', 'logtarget', '/var/log/fail2ban.log']
['set', 'dbfile', '/var/lib/fail2ban/fail2ban.sqlite3']
['set', 'dbpurgeage', 86400]
['add', 'sshd', 'auto']
['set', 'sshd', 'findtime', 600]
['set', 'sshd', 'addlogpath', '/var/log/auth.log', 'head']
['set', 'sshd', 'ignorecommand', '']
['set', 'sshd', 'bantime', 600]
['set', 'sshd', 'addignoreip', '127.0.0.1/8']
['set', 'sshd', 'maxretry', 5]
['set', 'sshd', 'usedns', 'warn']
['set', 'sshd', 'logencoding', 'auto']
['set', 'sshd', 'maxlines', '10']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*(?:error: PAM: )?[aA]uthentication (?:failure|error) for .* from <HOST>( via \\S+)?\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*(?:error: PAM: )?User not known to the underlying authentication module for .* from <HOST>\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*Failed \\S+ for .*? from <HOST>(?: port \\d*)?(?: ssh\\d*)?(: (ruser .*|(\\S+ ID \\S+ \\(serial \\d+\\) CA )?\\S+ (?:[\\da-f]{2}:){15}[\\da-f]{2}(, client user ".*", client host ".*")?))?\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*ROOT LOGIN REFUSED.* FROM <HOST>\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*[iI](?:llegal|nvalid) user .* from <HOST>\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*User .+ from <HOST> not allowed because not listed in AllowUsers\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*User .+ from <HOST> not allowed because listed in DenyUsers\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*User .+ from <HOST> not allowed because not in any group\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*refused connect from \\S+ \\(<HOST>\\)\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*Received disconnect from <HOST>: 3: \\S+: Auth fail$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*User .+ from <HOST> not allowed because a group is listed in DenyGroups\\s*$']
['set', 'sshd', 'addfailregex', "^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*User .+ from <HOST> not allowed because none of user's groups are listed in AllowGroups\\s*$"]
['set', 'sshd', 'addfailregex', '^(?P<__prefix>\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*)User .+ not allowed because account is locked<SKIPLINES>(?P=__prefix)(?:error: )?Received disconnect from <HOST>: 11: .+ \\[preauth\\]$']
['set', 'sshd', 'addfailregex', '^(?P<__prefix>\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*)Disconnecting: Too many authentication failures for .+? \\[preauth\\]<SKIPLINES>(?P=__prefix)(?:error: )?Connection closed by <HOST> \\[preauth\\]$']
['set', 'sshd', 'addfailregex', '^(?P<__prefix>\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*)Connection from <HOST> port \\d+(?: on \\S+ port \\d+)?<SKIPLINES>(?P=__prefix)Disconnecting: Too many authentication failures for .+? \\[preauth\\]$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*pam_unix\\(sshd:auth\\):\\s+authentication failure;\\s*logname=\\S*\\s*uid=\\d*\\s*euid=\\d*\\s*tty=\\S*\\s*ruser=\\S*\\s*rhost=<HOST>\\s.*$']
['set', 'sshd', 'addjournalmatch', '_SYSTEMD_UNIT=sshd.service', '+', '_COMM=sshd']
['set', 'sshd', 'addaction', 'iptables-multiport']
['set', 'sshd', 'action', 'iptables-multiport', 'actionban', '<iptables> -I f2b-<name> 1 -s <ip> -j <blocktype>']
['set', 'sshd', 'action', 'iptables-multiport', 'actionunban', '<iptables> -D f2b-<name> -s <ip> -j <blocktype>']
['set', 'sshd', 'action', 'iptables-multiport', 'actionstart', '<iptables> -N f2b-<name>\n<iptables> -A f2b-<name> -j <returntype>\n<iptables> -I <chain> -p <protocol> -m multiport --dports <port> -j f2b-<name>']
['set', 'sshd', 'action', 'iptables-multiport', 'actionstop', '<iptables> -D <chain> -p <protocol> -m multiport --dports <port> -j f2b-<name>\n<iptables> -F f2b-<name>\n<iptables> -X f2b-<name>']
['set', 'sshd', 'action', 'iptables-multiport', 'actioncheck', "<iptables> -n -L <chain> | grep -q 'f2b-<name>[ \\t]'"]
['set', 'sshd', 'action', 'iptables-multiport', 'iptables', 'iptables <lockingopt>']
['set', 'sshd', 'action', 'iptables-multiport', 'chain', 'INPUT']
['set', 'sshd', 'action', 'iptables-multiport', 'lockingopt', '-w']
['set', 'sshd', 'action', 'iptables-multiport', 'returntype', 'RETURN']
['set', 'sshd', 'action', 'iptables-multiport', 'known/lockingopt', '-w']
['set', 'sshd', 'action', 'iptables-multiport', 'protocol', 'tcp']
['set', 'sshd', 'action', 'iptables-multiport', 'bantime', '600']
['set', 'sshd', 'action', 'iptables-multiport', 'known/port', 'ssh']
['set', 'sshd', 'action', 'iptables-multiport', 'known/chain', 'INPUT']
['set', 'sshd', 'action', 'iptables-multiport', 'known/returntype', 'RETURN']
['set', 'sshd', 'action', 'iptables-multiport', 'known/protocol', 'tcp']
['set', 'sshd', 'action', 'iptables-multiport', 'name', 'sshd']
['set', 'sshd', 'action', 'iptables-multiport', 'known/iptables', 'iptables <lockingopt>']
['set', 'sshd', 'action', 'iptables-multiport', 'port', 'ssh']
['set', 'sshd', 'action', 'iptables-multiport', 'blocktype', 'REJECT --reject-with icmp-port-unreachable']
['set', 'sshd', 'action', 'iptables-multiport', 'known/blocktype', 'REJECT --reject-with icmp-port-unreachable']
['set', 'sshd', 'action', 'iptables-multiport', 'known/name', 'default']
['start', 'sshd']
