≡ Menu

Fail2Ban and Time…

“Fail2Ban isn’t banning” and/or “why is Fail2Ban not banning this attack” and/or “Fail2Ban not banning IPs”.

This will be quick, if you find yourself in a situation where you have the script kiddies beating on your door, and fail2ban magically stops dropping them with iptables, be sure to check that the timestamps in /var/log/secure matches the time that your machine reports as well. /etc/sysconfig/clock and /etc/localtime should be in agreement as to what timezone the machine is running on. Adjust as needed and restart both fail2ban and rsyslog.

Karl

0 comments… add one

Leave a Comment