[Samba] Fail2Ban for AD
Philippe LeCavalier
support at plecavalier.com
Sun Dec 12 18:50:39 UTC 2021
On Sun, Dec 12, 2021, 11:55 Andrew Bartlett <abartlet at samba.org> wrote:
> On Sat, 2021-12-11 at 22:33 -0500, Philippe LeCavalier via samba wrote:
> > On Sat, Dec 11, 2021 at 4:23 AM Andrea Venturoli via samba <
> > samba at lists.samba.org> wrote:
> >
> > > On 12/11/21 01:33, Philippe LeCavalier via samba wrote:
> > > > Hi,
> > >
> > > Hello.
> > >
> > >
> > >
> > > > Has anyone here implemented fail2ban? If so, what has your
> > > > experience
> > > been
> > > > thus far?
> > >
> > > What for? Failed authentications?
> > >
> > >
> > > Or ransomware protection?
> > >
> > No just for failed logins . The lockout will create DoS and I'm
> > seeing way more failed logins than I like.
>
> https://wiki.samba.org/index.php/Setting_up_Audit_Logging was
> specifically intended to provide enough detail to allow this kind of
> thing.
>
> Andrew Bartlett
>
> Sorry Andrew, could you clarify? Are you saying samba has the ability to
> ban per public IP or just the the log sys doesn't need to be redirected to
> use fail2ban
More information about the samba
mailing list