Blog

After posting about Fail2ban yester day I remembered that there is one more cool tool. The tool is Sshguard and is similar to Fail2ban. However, Sshguard is implemented in C and not a scripting language like Fail2ban (python). Sshguard also increases the ban time exponentially ... and that is nice.

I have not tested Sshguard yet but one of my friends highly recommends it.

Fail2ban is a handy little script for anyone who wants to protect them self from hackers brute force attacks. Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/error_log and bans IP that makes too many password failures. It updates firewall rules to reject the IP address. It works with SSH, HTTP, FTP, Mail services etc.

A couple weeks ago I wrote a bash script and tested it and the script worked. I copied the bash script to the daily cron jobs (/etc/cron.daily) and after a couple of days I noted that it had never been run. After 2 hours of debuging I syill could not get it to run. However, then I rembered that the cron jobs are executed by run-parts. I opened the man page and what did I find:

If neither the --lsbsysinit option nor the --regex option is given then the
names must consist entirely of upper and lower case letters, digits,
underscores, and hyphens.

The filename of my bash script had a dot in it (scriptname.sh) and crontab does not use run-parts with the --lsbsysinit option nor the --regex option. This is the second time I have screwed up a cron script name like this.

The simple solution was to remove the suffix from the filename of the script.