<![CDATA[In today's digital era, server security is a top priority for many organizations. Intrusion Detection Systems (IDS) such as Fail2ban, have proven effective in protecting servers from threats by monitoring logs and blocking suspicious IP addresses. This paper discusses the implementation of Fail2ban integrated with Telegram notifications, how it works, testing, and results showing improvements in detecting and responding to attacks. Server ssh brute force attacks pose considerable risks to web servers and have potentially severe consequences. Implementing strong preventive measures, continuous monitoring, and leveraging Telegram notifications for real-time alerts significantly improved the organization’s security posture. These combined efforts ensure robust and responsive detection of brute force attacks. Fail2ban was able to quickly discover the IP address from which the attacker performed the brute force attack and took preventive action by blocking the attacker's Ip for 3 failed login attempts within a specified time limit of 3600 s.]]>
Copyrights © 2025
