Display the output of fail2ban-client -d on a default installation

From Analyse Développement Hacking

# Default installation on GNU/Linux Mint Sarah.
fail2ban-client -d
['set', 'syslogsocket', 'auto']
['set', 'loglevel', 'INFO']
['set', 'logtarget', '/var/log/fail2ban.log']
['set', 'dbfile', '/var/lib/fail2ban/fail2ban.sqlite3']
['set', 'dbpurgeage', 86400]
['add', 'sshd', 'auto']
['set', 'sshd', 'findtime', 600]
['set', 'sshd', 'addlogpath', '/var/log/auth.log', 'head']
['set', 'sshd', 'ignorecommand', ]
['set', 'sshd', 'bantime', 600]
['set', 'sshd', 'addignoreip', '127.0.0.1/8']
['set', 'sshd', 'maxretry', 5]
['set', 'sshd', 'usedns', 'warn']
['set', 'sshd', 'logencoding', 'auto']
['set', 'sshd', 'maxlines', '10']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*(?:error: PAM: )?[aA]uthentication (?:failure|error) for .* from <HOST>( via \\S+)?\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*(?:error: PAM: )?User not known to the underlying authentication module for .* from <HOST>\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*Failed \\S+ for .*? from <HOST>(?: port \\d*)?(?: ssh\\d*)?(: (ruser .*|(\\S+ ID \\S+ \\(serial \\d+\\) CA )?\\S+ (?:[\\da-f]{2}:){15}[\\da-f]{2}(, client user ".*", client host ".*")?))?\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*ROOT LOGIN REFUSED.* FROM <HOST>\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*[iI](?:llegal|nvalid) user .* from <HOST>\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*User .+ from <HOST> not allowed because not listed in AllowUsers\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*User .+ from <HOST> not allowed because listed in DenyUsers\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*User .+ from <HOST> not allowed because not in any group\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*refused connect from \\S+ \\(<HOST>\\)\\s*$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*Received disconnect from <HOST>: 3: \\S+: Auth fail$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*User .+ from <HOST> not allowed because a group is listed in DenyGroups\\s*$']
['set', 'sshd', 'addfailregex', "^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*User .+ from <HOST> not allowed because none of user's groups are listed in AllowGroups\\s*$"]
['set', 'sshd', 'addfailregex', '^(?P<__prefix>\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*)User .+ not allowed because account is locked<SKIPLINES>(?P=__prefix)(?:error: )?Received disconnect from <HOST>: 11: .+ \\[preauth\\]$']
['set', 'sshd', 'addfailregex', '^(?P<__prefix>\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*)Disconnecting: Too many authentication failures for .+? \\[preauth\\]<SKIPLINES>(?P=__prefix)(?:error: )?Connection closed by <HOST> \\[preauth\\]$']
['set', 'sshd', 'addfailregex', '^(?P<__prefix>\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*)Connection from <HOST> port \\d+(?: on \\S+ port \\d+)?<SKIPLINES>(?P=__prefix)Disconnecting: Too many authentication failures for .+? \\[preauth\\]$']
['set', 'sshd', 'addfailregex', '^\\s*(<[^.]+\\.[^.]+>)?\\s*(?:\\S+ )?(?:kernel: \\[ *\\d+\\.\\d+\\] )?(?:@vserver_\\S+ )?(?:(?:\\[\\d+\\])?:\\s+[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?|[\\[\\(]?sshd(?:\\(\\S+\\))?[\\]\\)]?:?(?:\\[\\d+\\])?:?)?\\s(?:\\[ID \\d+ \\S+\\])?\\s*pam_unix\\(sshd:auth\\):\\s+authentication failure;\\s*logname=\\S*\\s*uid=\\d*\\s*euid=\\d*\\s*tty=\\S*\\s*ruser=\\S*\\s*rhost=<HOST>\\s.*$']
['set', 'sshd', 'addjournalmatch', '_SYSTEMD_UNIT=sshd.service', '+', '_COMM=sshd']
['set', 'sshd', 'addaction', 'iptables-multiport']
['set', 'sshd', 'action', 'iptables-multiport', 'actionban', '<iptables> -I f2b-<name> 1 -s <ip> -j <blocktype>']
['set', 'sshd', 'action', 'iptables-multiport', 'actionunban', '<iptables> -D f2b-<name> -s <ip> -j <blocktype>']
['set', 'sshd', 'action', 'iptables-multiport', 'actionstart', '<iptables> -N f2b-<name>\n<iptables> -A f2b-<name> -j <returntype>\n<iptables> -I <chain> -p <protocol> -m multiport --dports <port> -j f2b-<name>']
['set', 'sshd', 'action', 'iptables-multiport', 'actionstop', '<iptables> -D <chain> -p <protocol> -m multiport --dports <port> -j f2b-<name>\n<iptables> -F f2b-<name>\n<iptables> -X f2b-<name>']
['set', 'sshd', 'action', 'iptables-multiport', 'actioncheck', "<iptables> -n -L <chain> | grep -q 'f2b-<name>[ \\t]'"]
['set', 'sshd', 'action', 'iptables-multiport', 'iptables', 'iptables <lockingopt>']
['set', 'sshd', 'action', 'iptables-multiport', 'chain', 'INPUT']
['set', 'sshd', 'action', 'iptables-multiport', 'lockingopt', '-w']
['set', 'sshd', 'action', 'iptables-multiport', 'returntype', 'RETURN']
['set', 'sshd', 'action', 'iptables-multiport', 'known/lockingopt', '-w']
['set', 'sshd', 'action', 'iptables-multiport', 'protocol', 'tcp']
['set', 'sshd', 'action', 'iptables-multiport', 'bantime', '600']
['set', 'sshd', 'action', 'iptables-multiport', 'known/port', 'ssh']
['set', 'sshd', 'action', 'iptables-multiport', 'known/chain', 'INPUT']
['set', 'sshd', 'action', 'iptables-multiport', 'known/returntype', 'RETURN']
['set', 'sshd', 'action', 'iptables-multiport', 'known/protocol', 'tcp']
['set', 'sshd', 'action', 'iptables-multiport', 'name', 'sshd']
['set', 'sshd', 'action', 'iptables-multiport', 'known/iptables', 'iptables <lockingopt>']
['set', 'sshd', 'action', 'iptables-multiport', 'port', 'ssh']
['set', 'sshd', 'action', 'iptables-multiport', 'blocktype', 'REJECT --reject-with icmp-port-unreachable']
['set', 'sshd', 'action', 'iptables-multiport', 'known/blocktype', 'REJECT --reject-with icmp-port-unreachable']
['set', 'sshd', 'action', 'iptables-multiport', 'known/name', 'default']
['start', 'sshd']
