Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/toulisdev/fail2ban-action-mssql
Fail2ban action for adding banned ips to your MS SQL Server. This is how to add ban ips from fail2ban to SQL Server or MS SQL Server. MS SQL Server Action for Fail2ban. Fail2ban action for ms sql server
https://github.com/toulisdev/fail2ban-action-mssql
fail2ban fail2ban-action fail2ban-filter ms-sql ms-sql-server ms-sql-server-action ms-sql-server-action-fail2ban ms-sql-server-action-for-fail2ban mssql mssql-database mssqlserver shell-script sql sql-server
Last synced: about 1 month ago
JSON representation
Fail2ban action for adding banned ips to your MS SQL Server. This is how to add ban ips from fail2ban to SQL Server or MS SQL Server. MS SQL Server Action for Fail2ban. Fail2ban action for ms sql server
- Host: GitHub
- URL: https://github.com/toulisdev/fail2ban-action-mssql
- Owner: ToulisDev
- Created: 2022-03-14T13:35:05.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2022-08-30T17:00:32.000Z (about 2 years ago)
- Last Synced: 2024-10-12T07:40:15.721Z (about 1 month ago)
- Topics: fail2ban, fail2ban-action, fail2ban-filter, ms-sql, ms-sql-server, ms-sql-server-action, ms-sql-server-action-fail2ban, ms-sql-server-action-for-fail2ban, mssql, mssql-database, mssqlserver, shell-script, sql, sql-server
- Language: Shell
- Homepage:
- Size: 3.91 KB
- Stars: 7
- Watchers: 1
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# MS SQL Server Action for fail2ban
This is a script to add banned ips from fail2ban to your MS SQL server using ban-action from fail2ban. (Tested on Ubuntu Server)
## Requirements
You have to get mssql-tools and fail2ban to get this script running.
```
sudo apt-get update
sudo apt-get install mssql-tools fail2ban
```
## Installation
### Step 1:
Create a database to your MS SQL Server named fail2ban and create a user fail2ban that has write/update permission to database (You can give dbowner permission too).
### Step 2:
Download the ".my.cnf-fail2ban" file using sudo permision and edit it with your favourite text editor.
You should change the `````` with your password of user fail2ban.
After changing the password move the file to /root/ folder.
```
sudo wget https://raw.githubusercontent.com/ToulisDev/fail2ban-action-mssql/main/.my.cnf-fail2ban
sudo nano ./.my.cnf-fail2ban
sudo mv ./.my.cnf-fail2ban /root/.my.cnf-fail2ban
```
### Step 3:
Download config file for fail2ban service and move it to "/etc/fail2ban/action.d/" folder.
```
wget https://raw.githubusercontent.com/ToulisDev/fail2ban-action-mssql/main/banned_db.conf
mv ./banned_db.conf /etc/fail2ban/action.d/banned_db.conf
```
### Step 4:
Download the "fail2ban_banned_db" bash script, give chmod 0550 permission and move the file to "/usr/local/bin/fail2ban_banned_db".
```
sudo wget https://raw.githubusercontent.com/ToulisDev/fail2ban-action-mssql/main/fail2ban_banned_db
sudo chmod 0550
sudo mv ./fail2ban_banned_db /usr/local/bin/fail2ban_banned_db
```
### Step 5:
Add action to your "/etc/fail2ban/jail.local" file. Example:
```
[mssqld]
enabled = true
logpath = /var/opt/mssql/log/errorlog
maxfailures = 3
findtime = 600
bantime = 672h
filter = mssqld-auth
port = 1433
action = iptables-allports
banned_db[name=mssqld, port="All-ports", protocol=tcp] <--- name,port, protocol are optional you can add the action just with "banned_db"
```
And finally, restart your fail2ban-client.
```sudo fail2ban-client restart```
## Contributing
Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.