I want to make sure that I have a secure server. I setup my ISPConfig 3.0 server using the HowTo: Perfect Server Debian Lenny. To this point, I have not had any problems. Are there any other things that I can do to make it any more secure. I just want to be sure that I am as safe as possible. -Drew
You can disable SSH password logins and use keys instead: http://www.howtoforge.com/ssh_key_based_logins_putty
Thanks for that suggestion. The only other thing that I am noticing is a lot of failed attempts to login to the FTP server. I have tried to configure fail2ban, but I have never seen it block anything for the FTP server. Is there a good tutorial on configuring fail2ban with Debian Lenny and ISPConfig 3.0? Thanks. -Drew
i think this will resolve your problem. http://www.faqforge.com/linux/contr...ute-instead-of-iptables-to-block-connections/ try edit /etc/fail2ban/jail.conf to enable pureftpd
In /etc/fail2ban/filter.d/pure-ftpd.conf make sure you have: Code: [Definition] failregex = .*pure-ftpd: \(.*@<HOST>\) \[WARNING\] Authentication failed for user.* ignoreregex = In /etc/fail2ban/jail.local add following below ftp server : Code: [pureftpd] enabled = true port = ftp filter = pure-ftpd logpath = /var/log/syslog maxretry = 3 Restart fail2ban and it should work.
Lano, do you have the correct filters for the entire fail2ban configuration? I have tried falko's tutorial several times, but I always have an error and have to start over. The ones that give me problems are the SASL, POP3, and IMAP. Not sure if I have already mentioned this, but I am running Debian Lenny server with ISPConfig 3.0.1.6 from the tutorial on howtoforge.com. Thanks for the help. -Drew
