
    Security Request: Integrated Fail2Ban for login window

    Feature Request
      astrugatch last edited by astrugatch

      Might be useful for FOS login too. Shouldn’t be impossible to implement. Add Fail2Ban to list of apps to get from the repo and point it to the login logs. I’m sure I’m way oversimplifying it (not a dev obviously). As FOG moves to a more secure standard install (SQL password, HTTPS etc) this would be another great feature to have.

        lukebarone @george1421 last edited by

        @george1421 Thanks for the input!

        I’m not looking to specifically put F2B in; I am putting in code to log to a file login failures and successes, then the SysAdmin can choose to set up a F2B jail based on that. I believe heavily in separation of responsibilities, so I will definitely look into writing a proper tutorial.

        Do you think code for simply logging the login attempts would get merged?

          george1421 Moderator @lukebarone last edited by george1421

          @lukebarone I’ve been looking into this too. To implement fail2ban correctly, iptables needs to be initialized if you want real protection other than just blocking on http or ssh logon failures. There are difficulties with the current FOG configuration to really tighten down the open ports. For FOG 1.6 there is a request to move to nfsv4; this will send all nfs traffic over a single port that can be firewalled successfully. Other options would be for the FOG Installer to (optionally) enable access restrictions to a specific network subnet.

          Fail2ban may not be something the developers want to include in the core base code, but surely a tutorial can be developed to show others how to install and enable its protection.

          Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

            lukebarone @lukebarone last edited by lukebarone

            WIP - I have FOG now logging to a text file with the remote IP, and an indicator of whether the username supplied was a success or not. I’ll continue testing this next week, and report back if I get it working on new installs too.

            If it works, I’ll create a merge request on Github. This has been a fun challenge so far 🙂

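The kind of log discussed in this thread (remote IP plus a success/failure indicator) and the threshold check a Fail2Ban jail applies to it, as an added example that is not FOG's or any poster's code. The line format, function names and sample lines are assumptions; `maxretry` and `findtime` mirror the Fail2Ban jail options of the same names.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed format (hypothetical, not FOG's real log): "<date time> <ip> <SUCCESS|FAIL> user=<name>"
# IP and result precede the attacker-controlled username and the pattern is
# anchored, so a crafted username cannot spoof either field.
LINE_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) (\S+) (SUCCESS|FAIL) user=.*$")

def parse_line(line):
    """Return (timestamp, ip, ok), or None for a line that does not match."""
    m = LINE_RE.match(line.rstrip("\n"))
    if not m:
        return None
    try:
        ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
        ip = str(ipaddress.ip_address(m.group(2)))  # rejects non-addresses
    except ValueError:
        return None
    return ts, ip, m.group(3) == "SUCCESS"

def ips_to_ban(lines, maxretry=3, findtime=timedelta(minutes=10)):
    """Map IP -> time of its maxretry-th failure inside findtime (lines in time order)."""
    recent = defaultdict(deque)  # ip -> timestamps of failures still in the window
    banned = {}
    for parsed in map(parse_line, lines):
        if parsed is None or parsed[2]:  # unparseable line or successful login
            continue
        ts, ip, _ = parsed
        window = recent[ip]
        window.append(ts)
        while ts - window[0] > findtime:  # drop failures older than findtime
            window.popleft()
        if len(window) >= maxretry:
            banned.setdefault(ip, ts)  # keep the first time the threshold was hit
    return banned

# Constructed sample lines (documentation address ranges, not real log data).
SAMPLE_LOG = [
    "2023-03-01 10:00:01 192.0.2.10 FAIL user=fog",
    "2023-03-01 10:00:05 192.0.2.10 FAIL user=admin",
    "2023-03-01 10:00:09 198.51.100.7 FAIL user=fog",
    "2023-03-01 10:00:12 192.0.2.10 FAIL user=root",
    "2023-03-01 10:03:00 198.51.100.7 SUCCESS user=fog",
    "2023-03-01 10:20:00 198.51.100.7 FAIL user=fog",
    "2023-03-01 10:20:30 203.0.113.5 FAIL user=x 192.0.2.99 FAIL user=y",
]
```

On the sample, only 192.0.2.10 crosses the threshold; the last line, whose username embeds a second address, is still attributed to 203.0.113.5.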
              lukebarone @astrugatch last edited by

              I would like this as well, for my schools that I administer.

                astrugatch @Quazz last edited by

                @Quazz

                In K12 it’s pretty common to treat many of your internal users as hostile (right or wrong) since students seem to always try to mess with things whether with malice or just screwing around.

                Also with some of the other changes in security on FOG (DB and HTTPS etc) pointing toward the outside to manage devices via the client doesn’t sound impossible for small deployments. Again, it’s not what I’m doing or planning to do, but it would be possible if measures like these were in place.

                  george1421 Moderator @Sebastian Roth last edited by

                  @Sebastian-Roth If fog logged failed logins to syslog then if a FOG Admin wanted to implement Fail2Ban then it would be possible. Fail2Ban is not something that the FOG Project should be concerned with (IMO). I can see value in FOG logging invalid log attempts to syslog or a /opt/fog/log file. There would be (minimal but) value to log valid attempts too if security is a top concern. Possibly something for FOG 1.6?

                    Quazz Moderator @Sebastian Roth last edited by Quazz

                    @Sebastian-Roth Agreed.

                    You have a bigger problem on your hands if people are trying to brute force from inside your network, imo.

                    And even more so if you publicly expose FOG.

                    Though logging failed auth attempts could potentially be interesting.

                    @astrugatch Can you explain why you would like this?

                      Sebastian Roth Moderator last edited by

                      @astrugatch As FOG is mostly used in internal networks I don’t see too much value in this. Just my personal opinion. Anyone else?

                      Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

                      Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG


                      Copyright © 2012-2023 FOG Project