[SOLVED] Securing... #2 - Printable Version +- ispCP - Board - Support (http://www.isp-control.net/forum) +-- Forum: ispCP Omega Support Area (/forum-30.html) +--- Forum: Usage (/forum-34.html) +--- Thread: [SOLVED] Securing... #2 (/thread-2709.html) Pages: 1 2 |
[SOLVED] Securing... #2 - HSorgYves - 03-12-2008 09:04 AM Refering again to http://www.isp-control.net/documentation/howto/security/make_ispcp_more_secure. This time its about fail2ban. How to enable it for postfix, couriersmtp and/or sasl? Thanks, Yves RE: Securing... #2 - Rene - 03-12-2008 09:07 AM http://www.fail2ban.org/wiki/index.php/Category:Configuration RE: Securing... #2 - HSorgYves - 03-12-2008 09:16 AM And where does ispCP store the log files (and under which names)? RE: Securing... #2 - Rene - 03-12-2008 09:23 AM ok, I see, the default is not so good, sry... i'm going to look at this in the afternoon if nobody else do this... RE: Securing... #2 - joximu - 03-12-2008 09:33 AM AFAIK ispCP does not change anything about the log files of postfix, courier, sasl etc... RE: Securing... #2 - Rene - 03-13-2008 04:13 AM hi sry, but i havn't got time for this. as joximu said ispcp change nothing about the logfiles. so you can use the default regex. you have to fit the port and the path (/var/log)... RE: Securing... #2 - HSorgYves - 04-06-2008 11:59 PM joximu is saying that ispCP does not change anything about the log files of postfix, ... Why does the HowTo then suggest to use the following for postfix: logpath = /var/log/auth.log Thanks, Yves RE: Securing... #2 - joximu - 04-07-2008 02:49 AM Can you give more details? RE: Securing... #2 - HSorgYves - 04-07-2008 02:57 AM Check http://www.isp-control.net/documentation/howto/security/make_ispcp_more_secure RE: Securing... #2 - joximu - 04-07-2008 03:13 AM Please read! This is for *proftpd*. The proftpd.conf from ispcp does not contain a value for the system log so it's logged to the default: /var/log/auth.log, the default system log for debian seems to be /var/log/proftpd/proftp.log. I have no idea what this has to do with the original question about postfix, courier and sasl. Since ispCP is supposed to run on several unix based systems it's possible that such small corrections have to be made. Every responsible admin is able to notice this and change the supplementary software accordingly. If you want to discuss if a change from the distribution default to the original software default is not ok, then please stay away from configurable servers. |