Hello fellow fail2ban users! I am a huge fan of fail2ban, and it is an integral part of my work. However, I ran into some cases where I wanted some additional functionality that I couldn't achieve with vanilla fail2ban.

I manage a handful of Asterisk servers that are on the public internet. Because of restrictions out of my control, I couldn't put them behind a VPN, but I could do TLS+ZRTP. However, then I had the problem of brute forcing, and in this case bots would just loop over all my servers.

I built fail2rest to allow me to query each server, and then distribute bans to the other ones. As time went on I was able to build up some analytics and manage settings with some light scripting. This is all implemented via a REST API that is addressable like

    fail2web/global/status GET
    fail2web/jail/ssh GET
    fail2web/jail/ssh/banip POST

After that was done I built a little client side app that allows you to visualize everything and adds nice forms to mutate your fail2ban instance. The following screenshots show a little bit of what I have so far.

https://camo.githubusercontent.com/77d192e454799ccbee45124f790e2bdd8a1ac9b3/687474703a2f2f692e696d6775722e636f6d2f76444b596e716c2e676966
https://camo.githubusercontent.com/b82aa14bf4e7eeffadf2fadd40306bcc4cdb8d59/687474703a2f2f692e696d6775722e636f6d2f44757930614b4d2e676966

INSTALLING
----------

I am working on getting both projects in the Debian repos right now (and would appreciate help if anyone is involved with Debian!)

You can get an unofficial deb from
https://github.com/Sean-Der/fail2packages/blob/master/debian/fail2rest/fail2rest_1.0-1_amd64.deb

However, both repos do have full install guides in their READMEs
https://github.com/sean-der/fail2web
https://github.com/sean-der/fail2rest

TECHNICAL DETAILS AND CONTRIBUTING
----------------------------------

fail2rest was built using Go, and communicates directly with the fail2ban socket. It uses the excellent ogórek library to decode the pickled data. It also is aware of the new SQLite feature in fail2ban 0.9 and reads from it.

fail2web is built using AngularJS and Bootstrap, using browserify for building. It allows me to use npm and use the rich JavaScript ecosystem that already exists for node.js.

If you have any feature requests OR would like to contribute I would love to talk to you! Currently I don't need anything new (yet!), so I am just working on packaging, but if people request new things I would love to build. This is also a great opportunity to learn any of the technology. I am looking for contributions of any size; I would just like to infuse the project with new ideas.

RESOURCES
---------

Both projects are on GitHub, along with bugs and feature requests
https://github.com/sean-der/fail2web
https://github.com/sean-der/fail2rest

You can also find me on IRC in #fail2web and #fail2ban; my nick is Sean-Der. Please mention me if you want to chat, I have a bouncer so I might miss your messages if I don't get an alert.

Thanks for reading, and I hope you enjoy fail2web!

_______________________________________________
Fail2ban-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
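
Added example, not part of the original post and not fail2rest's own code: the post says fail2rest talks to the fail2ban socket and decodes the pickled replies, so this Python example frames a command for that socket and decodes a reply as plain data only, refusing any pickle that tries to import a global. The end marker and pickle protocol are assumptions taken from fail2ban's own client, and the sample reply is constructed.

```python
import io
import pickle

# End-of-message marker of fail2ban's socket protocol (assumption: taken from
# fail2ban's client code, it is not stated in the post).
END = b"<F2B_END_COMMAND>"


class DataOnlyUnpickler(pickle.Unpickler):
    """Unpickler that accepts plain data and refuses to import any global."""

    def find_class(self, module, name):
        # Lists, tuples, strings and numbers never reach this method; only
        # pickles that reference classes or functions do, and those are rejected.
        raise pickle.UnpicklingError(f"global {module}.{name} refused")


def encode_command(words):
    """Frame a command such as ["status", "ssh"] for the socket."""
    # Protocol 2 is an assumption chosen for this example.
    return pickle.dumps(list(words), protocol=2) + END


def decode_reply(raw):
    """Check the end marker, strip it and decode the reply as data only."""
    if not raw.endswith(END):
        raise ValueError("truncated reply: end marker missing")
    return DataOnlyUnpickler(io.BytesIO(raw[:-len(END)])).load()


# Constructed sample reply: a (return code, payload) pair made of plain data.
SAMPLE_REPLY = pickle.dumps((0, [("Currently banned", 1)]), protocol=2) + END

# Constructed reply that references a global (the builtin len) instead of data.
GLOBAL_REPLY = pickle.dumps(len, protocol=2) + END

if __name__ == "__main__":
    print(decode_reply(SAMPLE_REPLY))
    try:
        decode_reply(GLOBAL_REPLY)
    except pickle.UnpicklingError as exc:
        print("rejected:", exc)
```
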
