<div>
You might do better to use iptables to block connections before they get to the server if you are worried about load.
</div>


<div>
It wasnt the solution I was asking for.
</div>


<div>
In addition, the link titled &quot;Use fail2ban to block samba attacks&quot; doesnt actually give the solution for using fail2ban to block samba attacks.
</div>


<div>
<div class="content wysiwyg-content">
Hi,<br />
<br />
We have samba open on a public IP because it needs to be accessed from another machine in a different data centre.<br />
Samba's settings limit the access by IP address so we are safe.<br />
<br />
However we are seeing failed attempts:-<br />
&nbsp; Denied connection from &nbsp;(46.36.109.89)<br />
[2011/10/09 19:07:13, 1] smbd/process.c:process_smb<wbr />(1076)<br />
&nbsp; Connection denied from 46.36.109.89<br />
[2011/10/09 19:07:15, 0] lib/access.c:check_access(<wbr />327)<br />
&nbsp; Denied connection from &nbsp;(46.36.109.89)<br />
[2011/10/09 19:07:15, 1] smbd/process.c:process_smb<wbr />(1076)<br />
&nbsp; Connection denied from 46.36.109.89<br />
[2011/10/09 19:07:15, 0] lib/access.c:check_access(<wbr />327)<br />
&nbsp; Denied connection from &nbsp;(46.36.109.89)<br />
[2011/10/09 19:07:15, 1] smbd/process.c:process_smb<wbr />(1076)<br />
&nbsp; Connection denied from 46.36.109.89<br />
<br />
To reduce load on the server, I'm setting up fail2ban to block these attempts but can't find a Fail2Ban example for Samba.<br />
<br />
Can anyone assist?<br />
<br />
Thanks<br />
Dan
</div>
</div>


Hi,

We have samba open on a public IP because it needs to be accessed from another machine in a different data centre.
Samba's settings limit the access by IP address so we are safe.

However we are seeing failed attempts:-
  Denied connection from  (46.36.109.89)
[2011/10/09 19:07:13, 1] smbd/process.c:process_smb(1076)
  Connection denied from 46.36.109.89
[2011/10/09 19:07:15, 0] lib/access.c:check_access(327)
  Denied connection from  (46.36.109.89)
[2011/10/09 19:07:15, 1] smbd/process.c:process_smb(1076)
  Connection denied from 46.36.109.89
[2011/10/09 19:07:15, 0] lib/access.c:check_access(327)
  Denied connection from  (46.36.109.89)
[2011/10/09 19:07:15, 1] smbd/process.c:process_smb(1076)
  Connection denied from 46.36.109.89

To reduce load on the server, I'm setting up fail2ban to block these attempts but can't find a Fail2Ban example for Samba.

Can anyone assist?

Thanks
Dan

Samba and Fail2Ban

Linux is a UNIX-like open source operating system with hundreds of distinct distributions, including: Fedora, openSUSE, Ubuntu, Debian, Slackware, Gentoo, CentOS, and Arch Linux. Linux is generally associated with web and database servers, but has become popular in many niche industries and applications.

Linux

The variety of Linux distributions creates myriad issues relating to configuration and operations when computers are networked, not the least of which is the use of various network management applications, some of which are included with specific distributions, while others are standalone applications.