authorB Stack <bgstack15@gmail.com>2016-09-29 16:01:25 -0400
committerB Stack <bgstack15@gmail.com>2016-09-29 16:01:25 -0400
commit4db266d0ec2f78079c8ff271cdb2e78230d3b090 (patch)
tree0df576efa0b3cc31e548904343a10fe43318b508 /company/fail2ban-files/jail.d
parentreadme (diff)
downloadansible01-4db266d0ec2f78079c8ff271cdb2e78230d3b090.tar.gz
ansible01-4db266d0ec2f78079c8ff271cdb2e78230d3b090.tar.bz2
ansible01-4db266d0ec2f78079c8ff271cdb2e78230d3b090.zip
major overhaul
Diffstat (limited to 'company/fail2ban-files/jail.d')
-rw-r--r--company/fail2ban-files/jail.d/00_default.jail10
-rw-r--r--company/fail2ban-files/jail.d/20_bju-blns.jail21
-rw-r--r--company/fail2ban-files/jail.d/30_bju-max3.jail21
-rw-r--r--company/fail2ban-files/jail.d/60_sshd.jail16
4 files changed, 68 insertions, 0 deletions
diff --git a/company/fail2ban-files/jail.d/00_default.jail b/company/fail2ban-files/jail.d/00_default.jail
new file mode 100644
index 0000000..71cd3e8
--- /dev/null
+++ b/company/fail2ban-files/jail.d/00_default.jail
@@ -0,0 +1,10 @@
+# Ansible controlled filename: /etc/fail2ban/jail.d/00_default.filter
+# Source: ansible bgstack15-fail2ban/files/00_default.conf
+# Date: 2016-06-23
+# Reference:
+# NOTE: This file is managed via Ansible: manual changes will be lost
+
+[DEFAULT]
+ignoreip = 127.0.0.1/8 203.0.0.0/16 10.0.0.0/8 192.168.0.0/16 204.13.201.0/24 64.37.231.0/24
+# TrustKeeper Vulnerability Scan IPs = 204.13.201.0/24 64.37.231.0/24
+
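Review bot: The header comment names the deployed path as `/etc/fail2ban/jail.d/00_default.filter`, and the repository copies of this file and the other three in this commit end in `.jail`, but fail2ban only reads `*.conf` and `*.local` from `jail.d`. Unless the Ansible task (not visible here) renames them on copy, none of these jails or this `ignoreip` list would be loaded, and fail2ban would not report an error. I would make the header match the real target, e.g. `# Ansible controlled filename: /etc/fail2ban/jail.d/00_default.conf`, and confirm the loaded jails with `fail2ban-client status` after deployment. Separately, the `ignoreip` list exempts a public /16 and all of 10.0.0.0/8 and 192.168.0.0/16, so repeated failures from any internal or partner host are never banned. Narrowing it to the specific management and scanner addresses would keep the jails effective against a compromised internal machine.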
diff --git a/company/fail2ban-files/jail.d/20_bju-blns.jail b/company/fail2ban-files/jail.d/20_bju-blns.jail
new file mode 100644
index 0000000..eb1d1c9
--- /dev/null
+++ b/company/fail2ban-files/jail.d/20_bju-blns.jail
@@ -0,0 +1,21 @@
+# Ansible controlled filename: /etc/fail2ban/jail.d/20_example-blns.jail
+# Source: ansible bgstack15-fail2ban/files/example-blns.jail
+# Date: 2016-04-19
+# Reference:
+# NOTE: This file is managed via Ansible: manual changes will be lost
+
+[example-blns]
+enabled = true
+action = iptables-allports
+ sendmail[name=exampleblns, dest=linuxadmin@example.com]
+filter = 20_example-blns
+logpath = /var/log/httpd/access_log
+ /var/log/httpd/error_log
+ /var/log/httpd/ssl_access_log
+ /var/log/httpd/ssl_error_log
+ /var/log/apache2/access_log
+ /var/log/apache2/error_log
+ /var/log/apache2/ssl_access_log
+ /var/log/apache2/ssl_error_log
+maxretry = 1
+bantime = 86400
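Review bot: `maxretry = 1` with `bantime = 86400` and `iptables-allports` means a single matching log line blocks the client on every port for 24 hours, and nothing in the file says why that threshold was chosen or what unit the ban time is in. I would add comments above both keys, e.g. `# one match is enough: the filter only matches known-hostile request strings` and `# seconds (24 h)`. Since the filter `20_example-blns` is not part of this commit, it is worth confirming that its failregex takes `<HOST>` from the client-address field of the log line rather than from request text the client controls, because at one retry a mis-anchored pattern bans the wrong address immediately. The same applies to `30_bju-max3.jail` below, which repeats this file with `maxretry = 3`. The eight-path `logpath` list is duplicated in both files and could be defined once.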
diff --git a/company/fail2ban-files/jail.d/30_bju-max3.jail b/company/fail2ban-files/jail.d/30_bju-max3.jail
new file mode 100644
index 0000000..6ca7781
--- /dev/null
+++ b/company/fail2ban-files/jail.d/30_bju-max3.jail
@@ -0,0 +1,21 @@
+# Ansible controlled filename: /etc/fail2ban/jail.d/30_example-max3.jail
+# Source: ansible bgstack15-fail2ban/files/example-max3.jail
+# Date: 2016-07-12
+# Reference: example-blns.jail
+# NOTE: This file is managed via Ansible: manual changes will be lost
+
+[example-max3]
+enabled = true
+action = iptables-allports
+ sendmail[name=examplemax3, dest=linuxadmin@example.com]
+filter = 30_example-max3
+logpath = /var/log/httpd/access_log
+ /var/log/httpd/error_log
+ /var/log/httpd/ssl_access_log
+ /var/log/httpd/ssl_error_log
+ /var/log/apache2/access_log
+ /var/log/apache2/error_log
+ /var/log/apache2/ssl_access_log
+ /var/log/apache2/ssl_error_log
+maxretry = 3
+bantime = 86400
diff --git a/company/fail2ban-files/jail.d/60_sshd.jail b/company/fail2ban-files/jail.d/60_sshd.jail
new file mode 100644
index 0000000..aeb2751
--- /dev/null
+++ b/company/fail2ban-files/jail.d/60_sshd.jail
@@ -0,0 +1,16 @@
+# Ansible controlled filename: /etc/fail2ban/jail.d/60_sshd.jail
+# Source: ansible bgstack15-fail2ban/files/sshd.jail
+# Date: 2016-06-23
+# Reference: Ubuntu 16.04 fail2ban package sshd jail
+# NOTE: This file is managed via Ansible: manual changes will be lost
+
+[ssh-iptables]
+
+enabled = true
+filter = sshd
+action = iptables[name=SSH, port=ssh, protocol=tcp]
+ sendmail-whois[name=SSH, dest=root, sender=fail2ban@example.com]
+logpath = %(sshd_log)s
+maxretry = 5
+
+ignoreip = 203.0.193.232/24
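Review bot: The jail-level `ignoreip = 203.0.193.232/24` replaces the `[DEFAULT]` list from `00_default.jail` rather than adding to it, so for this jail neither `127.0.0.1/8` nor the other trusted ranges are exempt. If that stricter SSH policy is intended, a comment should say so, e.g. `# overrides [DEFAULT] ignoreip on purpose: only this range is trusted for ssh`. Otherwise the needed entries have to be repeated here. The value also has host bits set for a /24; writing it as `203.0.193.0/24` (or `203.0.193.232/32` if a single host is meant) removes the ambiguity. The header cites the Ubuntu 16.04 packaged `sshd` jail as reference, so I would also check that the packaged `[sshd]` jail is not enabled alongside `[ssh-iptables]`, as both would then act on the same log.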