Hi, @stephdl. Yes, the e-mail is quite long. Normally I just check, to find, that it come from some Internet provider network in China or in Ukraine. But sometimes the information is worth reporting.
Like tho one I get tonight.
Hi,
The IP 13.92.197.252 has just been banned by Fail2Ban after
3 attempts against sshd.
Here is more information about 13.92.197.252 :
[Querying whois.arin.net]
[whois.arin.net]
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#
#
# Query terms are ambiguous. The query is assumed to be:
# "n 13.92.197.252"
#
# Use "?" to get help.
#
#
# The following results may also be obtained via:
# https://whois.arin.net/rest/nets;q=13.92.197.252?showDetails=true&showARIN=false&showNonArinTopLevelNet=false&ext=netref2
#
NetRange: 13.64.0.0 - 13.107.255.255
CIDR: 13.104.0.0/14, 13.64.0.0/11, 13.96.0.0/13
NetName: MSFT
NetHandle: NET-13-64-0-0-1
Parent: NET13 (NET-13-0-0-0-0)
NetType: Direct Assignment
OriginAS:
Organization: Microsoft Corporation (MSFT)
RegDate: 2015-03-26
Updated: 2015-03-26
Ref: https://whois.arin.net/rest/net/NET-13-64-0-0-1
OrgName: Microsoft Corporation
OrgId: MSFT
Address: One Microsoft Way
City: Redmond
StateProv: WA
PostalCode: 98052
Country: US
RegDate: 1998-07-10
Updated: 2015-10-28
Comment: To report suspected security issues specific to traffic emanating from Microsoft online services, including the distribution of malicious content or other illicit or illegal material through a Microsoft online service, please submit reports to:
Comment: * https://cert.microsoft.com.
Comment:
Comment: For SPAM and other abuse issues, such as Microsoft Accounts, please contact:
Comment: * abuse@microsoft.com.
Comment:
Comment: To report security vulnerabilities in Microsoft products and services, please contact:
Comment: * secure@microsoft.com.
Comment:
Comment: For legal and law enforcement-related requests, please contact:
Comment: * msndcc@microsoft.com
Comment:
Comment: For routing, peering or DNS issues, please
Comment: contact:
Comment: * IOC@microsoft.com
Ref: https://whois.arin.net/rest/org/MSFT
OrgTechHandle: MRPD-ARIN
OrgTechName: Microsoft Routing, Peering, and DNS
OrgTechPhone: +1-425-882-8080
OrgTechEmail: IOC@microsoft.com
OrgTechRef: https://whois.arin.net/rest/poc/MRPD-ARIN
OrgAbuseHandle: MAC74-ARIN
OrgAbuseName: Microsoft Abuse Contact
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: abuse@microsoft.com
OrgAbuseRef: https://whois.arin.net/rest/poc/MAC74-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/public/whoisinaccuracy/index.xhtml
#
Regards,
Fail2Ban`
The bounty on âFail2ban package [$20]â has increased to $20: @WillZen increased the bounty by $5. The bounty will be awarded to the developer who successfully closes out this issue.
@dnutan posted a $15 bounty 2 days ago on this module. Who else wants to contribute? @stephdl would you like to set a goal in case the bounty is too low for you?
Whoo-hoo! Great shoot!
The bounty on âFail2ban package [$35]â has increased to $40 @StreetGuru increased the bounty by $5. The bounty will be awarded to the developer who successfully closes out this issue.
The work is done on my side, I pushed to nethforge-testing the rpms that you could find on my download folder. I plan to remove them once the work is validated by testers here. Nethserver-delegated-panel and nethserver-rh-mysl56 are not ready yet to be pushed.
Iâm quite busy ATM, and ready to go to andalucia for three weeks, so I wonât be easily reachable. The best is that once you will validate the work, then you should push the rpms yourself to nethforge.
Transaction check error:
file /usr/bin from install of nethserver-fail2ban-0.0.7-1.ns6.sdl.noarch conflicts with file from package filesystem-3.2-20.el7.x86_64