Intrusion Detection-What is Recidive?

What is the recidive jail in fail2ban and when does it get invoked?
I have a phone with a bad password that just got banned for a week.

FreePBX Distro 10.13.66-17

Repeat “offenders”… :wink:

I did not know (but correctly guessed what it was) but Google was my friend… :laughing:

In the distro it seems to be configurated like this:

# recidivist.
#  Noun: A convicted criminal who reoffends, especially repeatedly.
enabled  = true
filter   = recidive
logpath  = /var/log/fail2ban.log*
action   = iptables-allports[name=recidive, protocol=all]
     sendmail[name=recidive, dest=YOUR_RECIPIENT, sender=YOUR_SENDER]
bantime  = 604800  ; 1 week
findtime = 86400   ; 1 day
maxretry = 20

In the file YOUR_SENDER and YOUR_RECIPIENT are actually the sender and recipient of those emails… I removed mine before posting…

Have a nice day!