One Hat Cyber Team
Your IP :
18.222.219.148
Server IP :
104.21.48.1
Server :
Linux agrigation-prod 5.15.0-67-generic #74-Ubuntu SMP Wed Feb 22 14:14:39 UTC 2023 x86_64
Server Software :
nginx/1.24.0
PHP Version :
7.4.33
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
etc
/
fail2ban
/
filter.d
/
Edit File:
sendmail-auth.conf
# Fail2Ban filter for sendmail authentication failures # [INCLUDES] before = common.conf [Definition] _daemon = (?:sendmail|sm-(?:mta|acceptingconnections)) # "\w{14,20}" will give support for IDs from 14 up to 20 characters long __prefix_line = %(known/__prefix_line)s(?:\w{14,20}: )? addr = (?:IPv6:<IP6>|<IP4>) prefregex = ^<F-MLFID>%(__prefix_line)s</F-MLFID><F-CONTENT>.+</F-CONTENT>$ failregex = ^(\S+ )?\[%(addr)s\]( \(may be forged\))?: possible SMTP attack: command=AUTH, count=\d+$ ^AUTH failure \(LOGIN\):(?: [^:]+:)? authentication failure: checkpass failed, user=<F-USER>(?:\S+|.*?)</F-USER>, relay=(?:\S+ )?\[%(addr)s\](?: \(may be forged\))?$ ignoreregex = journalmatch = _SYSTEMD_UNIT=sendmail.service # DEV Notes: # # Author: Daniel Black
Simpan