[Samba] Fail2Ban for AD

Andrew Bartlett abartlet at samba.org
Sun Dec 12 18:59:46 UTC 2021


On Sun, 2021-12-12 at 13:50 -0500, Philippe LeCavalier via samba wrote:
> On Sun, Dec 12, 2021, 11:55 Andrew Bartlett <abartlet at samba.org>
> wrote:
> 
> > On Sat, 2021-12-11 at 22:33 -0500, Philippe LeCavalier via samba
> > wrote:
> > > 
> > > No just for failed logins . The lockout will create DoS and I'm
> > > seeing way more failed logins than I like.
> > 
> > https://wiki.samba.org/index.php/Setting_up_Audit_Logging was
> > specifically intended to provide enough detail to allow this kind
> > of
> > thing.
> > 
> > Andrew Bartlett
> > 
> Sorry Andrew, could you clarify? Are you saying samba has the ability
> to
> ban per public IP or just the the log sys doesn't need to be
> redirected to
> use fail2ban

Neither.  Just that (unlike in times past) we now provide enough
information in logs to implement this using fail2ban if you desire.

Andrew Bartlett

-- 
Andrew Bartlett (he/him)       https://samba.org/~abartlet/
Samba Team Member (since 2001) https://samba.org
Samba Team Lead, Catalyst IT   https://catalyst.net.nz/services/samba

Samba Development and Support, Catalyst IT - Expert Open Source
Solutions




More information about the samba mailing list