Installing Fail2Ban

When running an ARK node, especially a Delegate Node, you should consider your server’s security as your main priority.

Warning

During this guide, we will configure network and SSH parameters. If these steps are performed improperly, you might permanently lock yourself out of your server. Ensure you fully understand each step before proceeding.

Install Fail2Ban

What Is Fail2Ban

The basic idea behind Fail2Ban is to monitor the logs of standard services and spot patterns in authentication failures, for example many password authentication failures originating from a single IP, whois commands shortly after connecting over SSH, or other known exploits.

Warning

Fail2Ban can reduce the rate of incorrect authentication attempts; however, it cannot eliminate the risk that weak authentication presents. Configure services to use only two-factor or public/private key authentication mechanisms if you want to protect them.

Installation

Install Fail2Ban and create a local configuration file.

sudo apt-get install fail2ban
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

Configuration

Find all the references that specify port = ssh (typically under the SSH Servers header) and change the port to the new one you selected in the SSH security section above.

sudo nano /etc/fail2ban/jail.local

File: /etc/fail2ban/jail.local

#
# SSH Servers
#

[sshd]
port = ssh
logpath = %(sshd_log)s

[sshd-ddos]
# This jail corresponds to the standard configuration in Fail2ban
# The mail-whois action sends a notification e-mail with a whois request
port = ssh
logpath = %(sshd_log)s

[dropbear]
port = ssh
logpath = %(dropbear_log)s


[selinux-ssh]
port = ssh
logpath = %(auditd_log)s
maxretry = 5

Save Your Config File

Press CTRL+X to exit the file, Y to save the file and then Enter to write to the file and return to the command line.

Restart Fail2Ban Daemon

sudo service fail2ban restart
exit
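
If the jail still says port = ssh after sshd has moved to another port, bans are applied to port 22 while the real SSH port stays reachable. The following check is an added example, not part of the original guide: it compares the Port lines of an sshd_config with the port value of one jail. The function names and the sample port 2222 are assumptions made for illustration, and it reads only the two files given (no included files).

```shell
#!/bin/sh
# Added example: verify that a fail2ban jail covers the port(s) sshd listens on.

# Print each port sshd listens on, one per line (22 when no Port line is set).
sshd_ports() {
    awk 'tolower($1) == "port" { print $2; found = 1 }
         END { if (!found) print 22 }' "$1"
}

# Print the "port" value of one jail section: jail_port FILE JAIL
jail_port() {
    awk -v jail="[$2]" '
        /^\[/ { in_jail = ($1 == jail) }
        in_jail && /^port[ \t]*=/ {
            sub(/^port[ \t]*=[ \t]*/, ""); print; exit
        }' "$1"
}

# Succeed only if every sshd port is in the jail's comma-separated port list.
# The service name "ssh" counts as 22; a jail with no port line counts as a miss.
jail_covers_sshd() {
    ports=$(jail_port "$2" "$3" | tr ', ' '\n\n' | sed 's/^ssh$/22/')
    for p in $(sshd_ports "$1"); do
        printf '%s\n' "$ports" | grep -qx "$p" || return 1
    done
    return 0
}

# Demo on constructed files (2222 is a made-up port, not a value from the guide).
demo=$(mktemp -d)
printf 'Port 2222\nPermitRootLogin no\n' > "$demo/sshd_config"
printf '[sshd]\nport = ssh\nlogpath = %%(sshd_log)s\n' > "$demo/jail.local"
if jail_covers_sshd "$demo/sshd_config" "$demo/jail.local" sshd; then
    echo "sshd jail matches sshd_config"
else
    echo "MISMATCH: sshd listens on $(sshd_ports "$demo/sshd_config")," \
         "jail watches $(jail_port "$demo/jail.local" sshd)"
fi
rm -rf "$demo"
```

On a server, call jail_covers_sshd /etc/ssh/sshd_config /etc/fail2ban/jail.local sshd after editing the file and before restarting the daemon.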
Last updated 2 years ago