Fail2ban is an open source and freely distributed command-line software that can be used to scans logs and ban IP addresses that generate too many password failures. It is a client/server program that has been designed from the ground up to work on any GNU/Linux operating system.
The software is a highly configurable, allowing users to parse log files and look for given patterns, execute commands when a pattern has be detected for the same IP address, for more than X times, execute commands in order to unban an IP address.
Backed by the iptables firewall
The software uses iptables by default, but it can also use TCP Wrapper (/etc/hosts.deny) or others firewalls. It handles log files rotation, resolves DNS hostname to IP address, sends e-mail notifications, and can handle more than one service (apache, sshd, vsftpd, etc.) and multiple logging targets (stdout, syslog, stderr, etc.).
There are three command implemented in your system after installing the Fail2ban package via the main software repositories of your distribution or by using the universal sources archive distributed on Softpedia.
Getting started with Fail2ban
To install and use this software on your computer, you must download the latest version from Softpedia, save the archive on a location of your choice, unpack its contents using your favorite archive manager tool, open any Linux Terminal app and use the ‘cd’ command to navigate to the location of the extracted archive files.
Install the software system wide and make it available to all users on your system by executing the ‘python setup.py install’ command as root or the ‘sudo python setup.py install’ command as a privileged user. That’s it, you can now run the ‘fail2ban-server’ command to start the server and then the ‘fail2ban-client’ command to start the client and view/manage banned IP addresses.