Since spammers were way too much active on this wiki, user account creation has been disabled. Please, ask on the mailing-lists if you require a new user account. Thank you for your understanding and sorry about that.
Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the malicious signs -- too many password failures, seeking for exploits, etc. Generally Fail2Ban is then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email) could also be configured. Out of the box Fail2Ban comes with filters for various services (apache, courier, ssh, etc).
Fail2Ban is able to reduce the rate of incorrect authentications attempts however it cannot eliminate the risk that weak authentication presents. Configure services to use only two factor or public/private authentication mechanisms if you really want to protect services.
0.9.0 is out. Added database and major improvements to filter and action capabilities Release Notes for 0.9.0
2014/03/15 0.8.13 is a minor release on 0.8.12 to correct filters, actions and improve some error handling in core. Release Notes for 0.8.13.
2014/01/2 0.8.12 is out. Added features flushlogs for improved log rotation and ignorecommand for dynamic ignores. Fixed apache filters that where over tightened last release and added some new filters. For more details see the release notes
To experiment with this wiki try Sandbox. See the User's Guide for usage and configuration help.