Securing vCenter Mobile Access using fail2ban
This is a small post which explains how you can secure vCenter Mobile Access (vCMA). For the people who don’t know what vCenter Mobile Access is I suggest you check out the Flings page. People who use the iPad vSphere Client will probably have this Fling running in their environment or lab.
The Fling itself is a CentOS install which has a few ports open to the outside by default. The following commands will help you install Fail2ban and give you the ability to secure these ports (by default SSH only is secured) from login failures, flooding,…
vcma:~# yum install iptables vcma:~# wget http://dl.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm vcma:~# rpm -Uvh epel-release-5-4.noarch.rpm vcma:~# yum install fail2ban
And finally you can start the service and see it listed in the iptables list.
vcma:~# /etc/init.d/fail2ban start Starting fail2ban: [ OK ] vcma:~# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination fail2ban-SSH tcp -- anywhere anywhere tcp dpt:ssh Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain fail2ban-SSH (1 references) target prot opt source destination RETURN all -- anywhere anywhere
That’s it!