Security Request: Integrated Fail2Ban for login window
Might be useful for FOS login too. Shouldn’t be impossible to implement. Add Fail2Ban to list of apps to get from the repo and point it to the login logs. I’m sure I’m way oversimplifying it (not a dev obviously). As FOG moves to a more secure standard install (SQL password, HTTPS etc) this would be another great feature to have.
In K12 it’s pretty common to treat many of your internal users as hostile (right or wrong) since students seem to always try to mess with things whether with malice or just screwing around.
Also with some of the other changes in security on FOG (DB and HTTPS etc) pointing toward the outside to manage devices via the client doesn’t sound impossible for small deployments. Again, it’s not what I’m doing or planning to do, but it would be possible if measures like these were in place.
@Sebastian-Roth If fog logged failed logins to syslog then if a FOG Admin wanted to implement Fail2Ban then it would be possible. Fail2Ban is not something that the FOG Project should be concerned with (IMO). I can see value in FOG logging invalid log attempts to syslog or a /opt/fog/log file. There would be (minimal but) value to log valid attempts too if security is a top concern. Possibly something for FOG 1.6?
You have a bigger problem on your hands if people are trying to brute force from inside your network, imo.
And even more so if you publicly expose FOG.
Though logging failed auth attempts could potentially be interesting.
@astrugatch Can you explain why you would like this?
@astrugatch As FOG is mostly used in internal networks I don’t see too much value in this. Just my personal opinion. Anyone else?
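Added example, not part of the thread or of FOG's code: a sketch of the threshold check a tool like Fail2Ban applies, run over the kind of failed-login log suggested in the thread. The log line format and the `fog-auth` tag are assumptions (FOG defines neither on this page); `maxretry` and `findtime` mirror Fail2Ban's option names, with values chosen for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Hypothetical log format (an assumption, not something FOG writes today):
#   2024-05-01T10:00:05 fog-auth: FAILED login user=admin ip=10.0.0.7
# Anchored at both ends so text smuggled in through the user-controlled
# username cannot make the line attribute the failure to another host.
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}) fog-auth: "
    r"(?P<result>FAILED|OK) login user=(?P<user>\S+) "
    r"ip=(?P<ip>\d{1,3}(?:\.\d{1,3}){3})$"
)

def ips_to_ban(lines, maxretry=3, findtime=timedelta(minutes=10)):
    """Return {ip: time the threshold was hit} for hosts with at least
    maxretry failed logins inside a sliding window of length findtime."""
    recent = defaultdict(deque)   # ip -> timestamps of recent failures
    banned = {}
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m or m["result"] != "FAILED":
            continue              # malformed or successful: not counted
        ip, ts = m["ip"], datetime.fromisoformat(m["ts"])
        if ip in banned:
            continue
        window = recent[ip]
        window.append(ts)
        while ts - window[0] > findtime:
            window.popleft()      # drop failures older than the window
        if len(window) >= maxretry:
            banned[ip] = ts
    return banned

# Constructed sample lines, for illustration only.
SAMPLE = """\
2024-05-01T10:00:05 fog-auth: FAILED login user=admin ip=10.0.0.7
2024-05-01T10:00:09 fog-auth: FAILED login user=admin ip=10.0.0.7
2024-05-01T10:00:30 fog-auth: OK login user=tech ip=10.0.0.20
2024-05-01T10:01:00 fog-auth: FAILED login user=root ip=10.0.0.7
2024-05-01T10:02:00 fog-auth: FAILED login user=fog ip=10.0.0.9
2024-05-01T10:20:00 fog-auth: FAILED login user=fog ip=10.0.0.9
2024-05-01T10:40:00 fog-auth: FAILED login user=fog ip=10.0.0.9
2024-05-01T10:41:00 fog-auth: FAILED login user=x ip=10.0.0.20 ip=10.0.0.9
""".splitlines()

if __name__ == "__main__":
    for ip, when in ips_to_ban(SAMPLE).items():
        print(f"ban {ip} (threshold reached {when.isoformat()})")
```

The last sample line imitates a username containing ` ip=10.0.0.20`; the anchored pattern rejects it instead of charging the failure to the wrong address, which is why the logging side should also escape or strip whitespace in usernames.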