Blog Post

92-168-0-104:~ razvansky$ nmap
-bash: nmap: command not found
192-168-0-104:~ razvansky$ brew install nmap
==> Installing dependencies for nmap: openssl
==> Installing nmap dependency: openssl
==> Downloading https://homebrew.bintray.com/bottles/openssl-1.0.2e.yosemite.bottle.tar.gz
######################################################################## 100.0%
==> Pouring openssl-1.0.2e.yosemite.bottle.tar.gz
==> Caveats
A CA file has been bootstrapped using certificates from the system
keychain. To add additional certificates, place .pem files in
  /usr/local/etc/openssl/certs

and run
  /usr/local/opt/openssl/bin/c_rehash

This formula is keg-only, which means it was not symlinked into /usr/local.

Apple has deprecated use of OpenSSL in favor of its own TLS and crypto libraries

Generally there are no consequences of this for you. If you build your
own software and it requires this formula, you'll need to add to your
build variables:

    LDFLAGS:  -L/usr/local/opt/openssl/lib
    CPPFLAGS: -I/usr/local/opt/openssl/include

==> Summary
🍺  /usr/local/Cellar/openssl/1.0.2e: 465 files, 17M
==> Installing nmap
==> Downloading https://homebrew.bintray.com/bottles/nmap-7.00.yosemite.bottle.tar.gz
######################################################################## 100.0%
==> Pouring nmap-7.00.yosemite.bottle.tar.gz
==> Caveats
Python modules have been installed and Homebrew's site-packages is not
in your Python sys.path, so you will not be able to import the modules
this formula installed. If you plan to develop with these modules,
please run:
  mkdir -p /Users/razvansky/Library/Python/2.7/lib/python/site-packages
  echo 'import site; site.addsitedir("/usr/local/lib/python2.7/site-packages")' >> /Users/razvansky/Library/Python/2.7/lib/python/site-packages/homebrew.pth
==> Summary
🍺  /usr/local/Cellar/nmap/7.00: 713 files, 24M

192-168-0-104:~ razvansky$ nmap -sT -O localhost
TCP/IP fingerprinting (for OS scan) requires root privileges.
QUITTING!
192-168-0-104:~ razvansky$ sudo nmap -sT -O localhost
Password:

Starting Nmap 7.00 ( https://nmap.org ) at 2015-12-16 17:15 EET
WARNING: RST from 127.0.0.1 port 88 -- is this port really open?
WARNING: RST from 127.0.0.1 port 88 -- is this port really open?
WARNING: RST from 127.0.0.1 port 88 -- is this port really open?
WARNING: RST from 127.0.0.1 port 88 -- is this port really open?
WARNING: RST from 127.0.0.1 port 88 -- is this port really open?
WARNING: RST from 127.0.0.1 port 88 -- is this port really open?
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000067s latency).
Other addresses for localhost (not scanned): ::1
Not shown: 963 closed ports, 29 filtered ports
PORT      STATE SERVICE
88/tcp    open  kerberos-sec
445/tcp   open  microsoft-ds
631/tcp   open  ipp
3689/tcp  open  rendezvous
8000/tcp  open  http-alt
20005/tcp open  btx
49153/tcp open  unknown
49154/tcp open  unknown
Device type: general purpose
Running: Apple Mac OS X 10.7.X
OS CPE: cpe:/o:apple:mac_os_x:10.7.2
OS details: Apple Mac OS X 10.7.2 (Lion) (Darwin 11.2.0)
Network Distance: 0 hops

OS detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 7.29 seconds

$ sudo yum install fail2ban

# setăm un fisier config jail pentru sshd:
$ sudo vi /etc/fail2ban/jail.d/sshd.local

$ sudo systemctl restart fail2ban
$ sudo fail2ban-client status
Status
|- Number of jail:  1
`- Jail list:   sshd
$ sudo fail2ban-client status sshd
Status for the jail: sshd
|- Filter
|  |- Currently failed: 0
|  |- Total failed: 5742
|  `- File list:    /var/log/secure
`- Actions
   |- Currently banned: 6
   |- Total banned: 6
   `- Banned IP list:   195.154.104.191 218.200.188.213 124.133.2.85 193.104.41.54 218.65.30.92 5.189.171.29