Viewing posts tagged fail2ban
Recently, I was looking at my postfix logs and found more than 13,000 Auth fail attempts and I was shocked. We had recently changed our user password due to a security breach, so I thought that some apps might have still not implemented the change, However after doing a reverse dig on the IP I saw it did not belong to us at all.
After digging around for solutions, I came across Fail2Ban. Fail2BAN is written in python and does log scanning to BLock IP's which match a particular IP address.