Results 1 to 4 of 4

Thread: protect your cccam server with fail2ban in 4 steps installation

  1. #1
    Status
    Online
    Geosharing's Avatar
    GS Administrator
    Join Date
    May 2014
    Location
    -=UAE=-
    Interests
    CardSharing
    Posts
    1,895

    protect your cccam server with fail2ban in 4 steps installation

    How to protect your cccam s*rver with fail2ban in 4 steps installation

    '' If you server slow down or have high network load or high consummation on ram or cpu. You need to jail unwanted peers.

    After following modification my server stop to freeze.

    My system is Ubuntu server 11.10 32bit, cccam 2.1.3

    1. Prepare your system (all commands are started like normal user)

    $ sudo apt-get update
    $ sudo apt-get upgrade
    $ sudo apt-get install fail2ban nano bsd-mailx
    $ sudo touch /var/log/cccam.log
    $ sudo chmod 755 /var/log/cccam.log

    Change cccam options in your cccam start up script to

    ./CCcam.x86 -d > /var/log/cccam.log &

    2. Configuration

    - run command:

    $ sudo nano /etc/fail2ban/jail.conf

    - change

    backend = auto

    to

    backend = polling

    - after

    # action, port, logpath, etc) in that section within jail.local

    add and change 1234 with your cccam port after save and close file.

    [cccam_sign]

    enabled = true
    port = 1234
    filter = cccam_sign
    logpath = /var/log/cccam.log
    maxretry = 10
    bantime = 86400

    [cccam_double]

    enabled = true
    port = 1234
    filter = cccam_double
    logpath = /var/log/cccam.log
    maxretry = 10
    bantime = 3600

    [cccam_bad]

    enabled = true
    port = 1234
    protocol = tcp
    filter = cccam_bad
    logpath = /var/log/cccam.log
    maxretry = 10
    bantime = 1800

    [cccam_ill]

    enabled = true
    port = 1234
    filter = cccam_ill
    logpath = /var/log/cccam.log
    maxretry = 3
    bantime = 12000

    [cccam_fail]

    enabled = true
    filter = cccam_fail
    action = iptables-allports[name=cccam_fail2ban]
    sendmail-whois[name=cccam_fail2ban]
    logpath = /var/log/fail2ban.log
    findtime = 604800
    bantime = 604800

    - run command:

    $ sudo nano /etc/fail2ban/filter.d/cccam_bad.conf

    - enter the following content after save and close file.

    # Fail2Ban configuration file
    #
    # Author: Cyril Jaquier
    #
    # $Revision: 510 $
    #

    [Definition]

    # Option: failregex
    # Notes.: regex to match the password failures messages in the logfile. The
    # host must be matched by a group named "host". The tag "<HOST>" can
    # be used for standard IP/hostname matching and is only an alias for
    # (?:::f{4,6}?(?P<host>\S+)
    # Values: TEXT
    #
    failregex = CCcam: kick <HOST>.*, bad command

    # Option: ignoreregex
    # Notes.: regex to ignore. If this regex matches, the line is ignored.
    # Values: TEXT
    #
    ignoreregex =

    - run command:

    $ sudo nano /etc/fail2ban/filter.d/cccam_double.conf

    - enter the following content after save and close file.

    # Fail2Ban configuration file
    #
    # Author: Cyril Jaquier
    #
    # $Revision: 510 $
    #

    [Definition]

    # Option: failregex
    # Notes.: regex to match the password failures messages in the logfile. The
    # host must be matched by a group named "host". The tag "<HOST>" can
    # be used for standard IP/hostname matching and is only an alias for
    # (?:::f{4,6}?(?P<host>\S+)
    # Values: TEXT
    #
    failregex = CCcam: double login .*, \(previous <HOST>\), reject

    # Option: ignoreregex
    # Notes.: regex to ignore. If this regex matches, the line is ignored.
    # Values: TEXT
    #
    ignoreregex =

    - run command:

    $ sudo nano /etc/fail2ban/filter.d/cccam_fail.conf


    - enter the following content after save and close file.


    # Fail2Ban configuration file
    #
    # Author: Cyril Jaquier
    #
    # $Revision: 510 $
    #

    [Definition]

    # Option: failregex
    # Notes.: regex to match the password failures messages in the logfile. The
    # host must be matched by a group named "host". The tag "<HOST>" can
    # be used for standard IP/hostname matching and is only an alias for
    # (?:::f{4,6}?(?P<host>\S+)
    # Values: TEXT
    #
    failregex = fail2ban.actions: WARNING \[(.*)\] Ban <HOST>

    # Option: ignoreregex
    # Notes.: regex to ignore. If this regex matches, the line is ignored.
    # Values: TEXT
    #
    ignoreregex =


    - run command:

    $ sudo nano /etc/fail2ban/filter.d/cccam_ill.conf


    - enter the following content after save and close file.


    # Fail2Ban configuration file
    #
    # Author: Cyril Jaquier
    #
    # $Revision: 510 $
    #

    [Definition]

    # Option: failregex
    # Notes.: regex to match the password failures messages in the logfile. The
    # host must be matched by a group named "host". The tag "<HOST>" can
    # be used for standard IP/hostname matching and is only an alias for
    # (?:::f{4,6}?(?P<host>\S+)
    # Values: TEXT
    #
    failregex = CCcam: illegal user .* from <HOST>

    # Option: ignoreregex
    # Notes.: regex to ignore. If this regex matches, the line is ignored.
    # Values: TEXT
    #
    ignoreregex =

    - run command:

    $ sudo nano /etc/fail2ban/filter.d/cccam_sign.conf

    - enter the following content after save and close file.

    # Fail2Ban configuration file
    #
    # Author: Cyril Jaquier
    #
    # $Revision: 510 $
    #

    [Definition]

    # Option: failregex
    # Notes.: regex to match the password failures messages in the logfile. The
    # host must be matched by a group named "host". The tag "<HOST>" can
    # be used for standard IP/hostname matching and is only an alias for
    # (?:::f{4,6}?(?P<host>\S+)
    # Values: TEXT
    #
    failregex = CCcam: kick <HOST>, signature failed

    # Option: ignoreregex
    # Notes.: regex to ignore. If this regex matches, the line is ignored.
    # Values: TEXT
    #
    ignoreregex =

    3. Reboot the system.

    4. Login into system and make running checks.

    - run command:

    $ tail -f /var/log/cccam.log

    If you see displayed content so that mean cccam log working well.

    - run command:

    $ tail -f /var/log/fail2ban.log

    That will display banned ip addresses from fail2ban if you have any unneeded peers . ''

  2. #2
    Status
    Offline
    bandookk's Avatar
    Junior Member
    Join Date
    Jul 2014
    Posts
    16
    Nice workzzzzz

  3. #3
    Status
    Offline
    carding343's Avatar
    Member
    Join Date
    Aug 2014
    Posts
    74
    good work great man

  4. #4
    Status
    Offline
    alianum's Avatar
    Member
    Join Date
    Nov 2014
    Posts
    64

    Re: protect your cccam server with fail2ban in 4 steps installation

    great work for starting users

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Paladium Private CCcam ★Stable and Strong Euro Cccam Server ★Refund Guarantee
    By Paladium Private CCcam in forum Non Verified Perimium Server
    Replies: 42
    Last Post: 06-01-2018, 09:42 PM
  2. Steps to activate hbbtv in vu + solo
    By Geosharing in forum Vu+ Information and Tutorial
    Replies: 1
    Last Post: 04-26-2017, 04:08 PM
  3. Private CCcam ★Stable and Strong Euro Cccam Server ★Refund Guarantee
    By birm in forum Non Verified Perimium Server
    Replies: 2
    Last Post: 06-19-2016, 12:03 PM
  4. Replies: 2
    Last Post: 11-01-2015, 05:11 AM
  5. Replies: 0
    Last Post: 07-01-2015, 02:19 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
RSS RSS 2.0 XML MAP HTML TAGS

All posts written express the point of view of its owner, does not imply in any way the point of view of management forum.

petites annonces