January 27, 2014

Logwatch and fail2ban

Things are running along pretty smoothly on the Ubuntu server over on Amazon AWS. Doing some research on server admin and security, saw a post on installing Logwatch to more easily scan the logs daily. Of course, no surprise to see lots of attempts at compromising the server.

Decided to do something about it and found this article (geared more to Debian Wheezy, but still applies to Ubuntu): Install and Config Fail2Ban

I particularly liked the information about apache-badbots and apache-myadmin, both of which would help block a lot of the traffic seen in the logs.

Also saw lots of entries in the logs with w00tw00t.at.blackhats.romanian.anti-sec:)
So looked up a post on this blog that discusses using fail2ban specifically to block it.
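
An added example, not from this post or the linked ones: a fail2ban-style failregex for the w00tw00t requests, checked against Apache access-log lines. The regex, the `<HOST>` stand-in group, the function names and the sample log lines are all assumptions constructed for illustration; fail2ban's own `<HOST>` expansion is more elaborate than the simplified group used here.

```python
import re
from collections import Counter

# Assumed failregex (constructed for this example): the request path itself
# must start with /w00tw00t.at. so the string appearing elsewhere in the
# line (Referer, User-Agent) does not count as a probe.
FAILREGEX = r'^<HOST> \S+ \S+ \[[^\]]+\] "[A-Z]+ /w00tw00t\.at\.[^"]*" \d{3} '

# fail2ban swaps <HOST> for a host-capturing group before compiling.
# Simplified stand-in: IPv4/IPv6 literals and hostnames.
HOST_GROUP = r'(?P<host>[\w.:-]+)'


def compile_failregex(failregex):
    """Expand <HOST> and compile, roughly as fail2ban does."""
    return re.compile(failregex.replace('<HOST>', HOST_GROUP))


def offenders(lines, failregex=FAILREGEX):
    """Return a Counter mapping client host -> number of probe requests."""
    pattern = compile_failregex(failregex)
    hits = Counter()
    for line in lines:
        m = pattern.match(line)
        if m:
            hits[m.group('host')] += 1
    return hits


# Constructed sample lines in Apache combined log format (documentation IPs).
SAMPLE_LOG = [
    '198.51.100.23 - - [27/Jan/2014:06:25:11 +0000] '
    '"GET /index.html HTTP/1.1" 200 1043 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [27/Jan/2014:06:25:13 +0000] '
    '"GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 295 "-" "-"',
    '203.0.113.7 - - [27/Jan/2014:07:41:02 +0000] '
    '"GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 295 "-" "-"',
    # Signature only in the Referer field: must not be attributed as a probe.
    '198.51.100.23 - - [27/Jan/2014:08:02:40 +0000] "GET /blog/ HTTP/1.1" 200 5120 '
    '"http://example.com/w00tw00t.at.blackhats.romanian.anti-sec:)" "Mozilla/5.0"',
]

if __name__ == '__main__':
    for host, count in offenders(SAMPLE_LOG).items():
        print(host, count)
```

The `FAILREGEX` string is the part that would go into a fail2ban filter file; `fail2ban-regex` can then be run against the real access log to confirm what it matches before the jail is enabled.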

Fun stuff!