We have two servers that are located within a DMZ, and are accessible from the Internet. The first server is a web server that hosts
several sites. The second is also a web server hosting several sites, but is also a sendmail server. Both systems run on Linux, and
utilize Apache as the web server application.
When configuring fail2ban on both systems, both have jails set up for ssh and denial of service attacks. I was looking into activating
and/or adding new jails to both systems. When looking at the jail.conf file, I was thinking of enabling the apache-badbots, named-refused-udp,
named-refused-tcp components on both systems. I am implementing the jail that is recommended for sendmail that is shown at the fail2ban
Is my activating the jails that were mentioned previously overkill, or should they be implemented as soon as possible?
The information in this e-mail is intended only for the person to whom it is
addressed. If you believe this e-mail was sent to you in error and the e-mail
contains patient information, please contact the Partners Compliance HelpLine at
http://www.partners.org/complianceline . If the e-mail was sent to you in error
but does not contain patient information, please contact the sender and properly
dispose of the e-mail.