From Nuclear Physics Group Documentation Pages
Jump to navigationJump to search

Basic Stuff

Iptables - This is a minimum, to keep the ports secure.
Fail2ban - Works together with iptables to block break-in attempts.


There are a number of automatic blacklist tables that can be useful. Mostly, these would reduce the times fail2ban has to block an ip. Possible solutions:

  • Snort
    • Created by Cisco
    • Available for Centos, Ubuntu, Windows
    • Requires a rules pull.
  • Autoshun
    • Seems to work with Snort, setup is not clear (yet)