On Thu, 21 Dec 2006 22:09:05 -0500
Yaroslav Halchenko [EMAIL PROTECTED] wrote:
Hi again
Yes, it works! But it needed changing my jail.local also; that solved the
problem. Debian etch version didn't
work even changing jail.local. Keep reading.
etch version doesn't have right failregex
On Thu, 21 Dec 2006 23:58:37 -0500
Yaroslav Halchenko [EMAIL PROTECTED] wrote:
Hi
It seems that Debian shipped vsftp comes with pam support which gets
enabled if you enable local_enable option
It comes with pam support for local users (sorry I didn't express myself
correctly) but not for
Hi
just use pre1 version for now -- I will troubleshoot why the heck pre2
didn't work for you since it should've ;-)
This is another part of the custom build of vsftpd, maybe it gives you more
info:
You need an /etc/pam.d/ftp file containing this:
auth required /lib/security/pam_userdb.so
ok - everything is fixed now
by default we would use /var/log/vsftpd.log and regexp matches both
vsftpd and auth.log entries if logpath gets changed over to auth.log ;)
(I fixed it and checked myself now, not to say that I should have
done that at the beginning ;-) )
please check out
On Fri, 22 Dec 2006 14:05:21 -0500
Yaroslav Halchenko [EMAIL PROTECTED] wrote:
ok - everything is fixed now
by default we would use /var/log/vsftpd.log and regexp matches both
vsftpd and auth.log entries if logpath gets changed over to auth.log ;)
(I fixed it and checked myself now, not to
tag 404060 + pending
thanks
please check out
http://itanix.rutgers.edu/rumba/dists/sid/perspect/binary-all/net/fail2ban_0.7.5-3~pre4_all.deb
Yay!! It works ok, just creating jail.local and enabling vsftpd section, as
stated.
good
Great work, Yaroslav... my second bug report about
Package: fail2ban
Version: 0.7.5-2
Severity: important
Since the upgrade to 0.7, fail2ban does not ban vsftpd erroneous logins. The
severity I've chosen is important because ssh bad login attempts are correctly
stopped by fail2ban, so it is not critical.
As stated in /etc/fail2ban/jail.conf, I
Hi Antonio,
Send me
1. output of commands
fail2ban-client status
fail2ban-client status vsftpd
2. fail2ban.log
3. log lines which signaled failed attempt to login in vsftp
I assume that you use stock config files (besides that custom jail.local
with enabled vsftpd section)
--
On Thu, 21 Dec 2006 09:14:08 -0500
Yaroslav Halchenko [EMAIL PROTECTED] wrote:
Hi Antonio,
Send me
1. output of commands
fail2ban-client status
fail2ban-client status vsftpd
Hi Yaroslav
1) [EMAIL PROTECTED]:/# fail2ban-client status
Status
|- Number of jail: 2
`- Jail list:
You can also read my blurb below - ie how I came to the fact that the
fact that upstream started to ship vsftpd section (versions 0.6.2 and
0.7.1) which were different from my previously Debian shipped,
and it slipped through my hands.
ok - fix is needed.
Could you please verify that next
On Thu, 21 Dec 2006 11:59:38 -0500
Yaroslav Halchenko [EMAIL PROTECTED] wrote:
You can also read my blurb below - ie how I came to the fact that the
fact that upstream started to ship vsftpd section (versions 0.6.2 and
0.7.1) which were different from my previously Debian shipped,
and it
Hi again
Yes, it works! But it needed changing my jail.local also; that solved the
problem. Debian etch version didn't
work even changing jail.local. Keep reading.
etch version doesn't have right failregex so you would need to override
it in filters.d/vsftpd.local
taking it from sid version
Hi
It seems that Debian shipped vsftp comes with pam support which gets
enabled if you enable local_enable option
then I start getting auth.log entries like
Dec 21 23:37:06 belka vsftpd: (pam_unix) authentication failure; logname= uid=0
euid=0 tty=ftp ruser=yoh rhost=165.230.95.67 user=yoh
13 matches
Mail list logo