Brute-force attacks against password-protected services such as SSH, and break-in attempts against web servers, happen frequently on every public-facing system.
The fail2ban tool monitors your log files and, as soon as it discovers malicious behavior, acts in the way you told it to. One common use case is blocking malicious IP addresses by establishing firewall rules on the fly using iptables.
In this section, we'll have a look at how to set up basic protection for SSH using fail2ban and iptables.
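To make the mechanism concrete, here is a simplified model of that monitor-and-ban loop. It is an added example, not code from the book or from fail2ban itself: the log lines are constructed, and the `f2b-sshd` chain name, the rule text, and the `max_retry` and `find_time` parameter names are illustrative assumptions.

```ruby
require 'time'

# Constructed sample in the style of sshd entries in auth.log
# (addresses come from documentation ranges, not real traffic).
SAMPLE_LOG = <<~LOG
  2024-05-01T10:00:01 web1 sshd[811]: Failed password for root from 203.0.113.7 port 40112 ssh2
  2024-05-01T10:00:03 web1 sshd[812]: Failed password for deploy from 198.51.100.23 port 51514 ssh2
  2024-05-01T10:00:05 web1 sshd[813]: Failed password for invalid user admin from 203.0.113.7 port 40120 ssh2
  2024-05-01T10:00:07 web1 sshd[814]: Accepted password for alice from 192.0.2.10 port 50022 ssh2
  2024-05-01T10:00:09 web1 sshd[815]: Failed password for root from 203.0.113.7 port 40131 ssh2
  2024-05-01T10:20:00 web1 sshd[816]: Failed password for deploy from 198.51.100.23 port 51600 ssh2
  2024-05-01T10:20:04 web1 sshd[817]: Failed password for deploy from 198.51.100.23 port 51604 ssh2
LOG

# Captures the timestamp and the source address of a failed SSH login.
FAILED = /\A(\S+) \S+ sshd\[\d+\]: Failed password for (?:invalid user )?\S+ from (\d{1,3}(?:\.\d{1,3}){3}) port \d+/

# Returns { ip => time_of_ban } for every address that reaches max_retry
# failures inside a sliding window of find_time seconds.
def find_offenders(log, max_retry: 3, find_time: 600)
  failures = Hash.new { |hash, ip| hash[ip] = [] }
  banned = {}
  log.each_line do |line|
    match = FAILED.match(line)
    next unless match

    at = Time.parse(match[1])
    ip = match[2]
    next if banned.key?(ip) # already blocked, nothing more to count

    window = failures[ip]
    window << at
    window.reject! { |seen| at - seen > find_time } # forget stale failures
    banned[ip] = at if window.size >= max_retry
  end
  banned
end

# Renders the kind of firewall rule a ban action would insert (illustrative).
def ban_rules(offenders, chain: 'f2b-sshd')
  offenders.keys.map { |ip| "iptables -I #{chain} 1 -s #{ip} -j REJECT" }
end

puts ban_rules(find_offenders(SAMPLE_LOG))
```

The address with two failures twenty minutes after its first one is not banned under the default window, which is the trade-off the window length controls: a longer window catches slow guessing but also counts a legitimate user's occasional typos.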
Make sure that you have a cookbook named my_cookbook and that the run_list of your node includes my_cookbook, as described in the Creating and using cookbooks section in Chapter 1, Chef Infrastructure ...