Objection.
+ Use denyhosts as this is what we're using on the rest of infra.
+ we should talk a bit about whether we want denyhosts on for all cloud boxes or just specific ones. I lean towards enabling it for security but we did envision the cloud hosts being more forgiving than the rest of infra's hosts so we should just take a moment to make sure there's no use cases it's impacting.
-Toshio
-Toshio
On Oct 7, 2013 3:56 AM, "Miroslav Suchý" <msuchy@xxxxxxxxxx> wrote:
On 10/07/2013 05:23 AM, Anshu Prateek wrote:
Most of these logins are automated bot attempts. On my personal servers, one easy way I have found is changing the
default port to something else and that cuts down my lastb by almost 99%!
Yes, I do that for my personal servers as well (and it works really good). But I do not think this is good approach in organization when people fluctuate quite often (think about apprentice group).
fail2ban looks good, I'm trying it right now. Unless somebody will object I will add it to ./tasks/cloud_setup_basic.yml
so all cloud images will use it.
--
Miroslav Suchy, RHCE, RHCDS
Red Hat, Software Engineer, #brno, #devexp, #fedora-buildsys
_______________________________________________
infrastructure mailing list
infrastructure@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/infrastructure
_______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/infrastructure
