April 21, 2008
Use fail2ban to stop brute-force attacks
apt-get install fail2ban
That’s all it takes to install this handy utility. It will monitor different services (ssh, postfix, courier, etc.) for repeated failed login attempts and will block the attacker for a given duration of time. All the settings can be found in
After you have updated the settings file, use:
to reload the new settings.
I was having brute-force dictionary attacks on
pop3 port, fail2ban blocked the attacker within 1 minute. Thanks to the developers.