
Follow up: fail2ban AWS access controls

ChrisLAS, Mar 20th, 2018
Ben writes...

In a recent episode, you discussed how fail2ban wouldn't work well in a broader system, such as connecting to DO firewall.

I can tell you that fail2ban can support these things with some add-ons.

With this plugin, fail2ban can change AWS's access control for the VPC, blocking access to the entire VPC.

https://github.com/anthonymartin/aws-acl-fail2ban

Additionally, another script can be used with fail2ban to ping a Slack channel when bans and unbans happen, to allow a devops team to keep an eye on things. This one has the handy feature of looking up country and ISP, which allows you to quickly see if you're blocking a Russian VPS (no problem), or an ATT IP in Kansas (something you might want to take a closer look at).

https://gist.github.com/Nihisil/29fd2971c9dd109ae245

Hope this helps.