What is Fail2ban (Intrusion Prevention System)?


Fail2Ban is an intrusion prevention system that works by scanning log files and then taking action based on the entries in those logs.

You can configure Fail2Ban in a way that will update iptables firewall rules, when an authentication failure threshold is reached which helps in preventing SIP brute force attacks against FS instances.

Fail2Ban scans your PBX log file and bans IPs that makes too many password failures. It also updates firewall rules to reject the IP address.

Fail2Ban is available at fail2ban.org as well as documentation for installation and configuration.