Fail2ban, how I love thee! Fail2ban is one of those tools that, once I learned how valuable it is, made me wonder how I ever lived so long without it. In the past, I used a utility known as DenyHosts to secure OpenSSH. DenyHosts protects SSH (no more, no less). It watches the server's log files, looking for authentication attempts. If it sees too many failures from a single IP address, it will create a firewall rule to block that IP. The problem was that it only protected OpenSSH. Another problem is that DenyHosts just kind of went away quietly. For some reason, it stopped being maintained and some distributions removed it outright. Fail2ban does what DenyHosts used to do (protect SSH) and more, as it is able to protect other services as well.
Installing and configuring Fail2ban is relatively straightforward. First, install its package:
sudo...