Re: Combining fail2ban and firewalld Block by Country for a Layered Approach to Intrusion Protection

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Richard, sorry this is tardy. I was thinking about someone's (maybe it
was Matthew's?) point that the Magazine doesn't want to seem punitive
about any countries in particular. Maybe one of the ways to position
it is a use case where you run a site that serves a local neighborhood
(like an authority, or a business). It would made little sense for a
site like that to get a lot of visits from outside the locality, even
less so outside the country. So that makes a good backdrop for the
article.

The editors could also find an accurate title like "Add security with
firewalld with blacklists." It would also be helpful if you have a way
to show an additional use of blacklisting that relies on something
else like an IP range. However, it's legitimate to also deal with
country specific blacklists -- I have a site myself that suffers from
periodic attacks from specific places, so I sympathize. Hope this
helps!

We have a card set up here:
https://teams.fedoraproject.org/project/asamalik-fedora-magazine/us/158
I've added you as a writer so you can start using the WordPress
instance for your draft right away:
https://fedoramagazine.org/wp-admin

Paul


Paul

On Tue, Apr 21, 2020 at 1:01 PM Richard Shaw <hobbes1069@xxxxxxxxx> wrote:
>
> Ok, so first question... Is the working title too long? :)
>
> I referenced this article for the initial idea:
> https://www.linode.com/community/questions/11143/top-tip-firewalld-and-ipset-country-blacklist
>
> My basic outline:
> - Installing and setting up fail2ban, specifically for sshd
> - Methods to monitor the fail2ban log or get the sshd jail status from
> fail2ban-client
> - How to block IPs by country .
> - Will include:
> -- The script to largely automate the process
> -- A SystemD service file and timerl so updates to network addresses are
> picked up on a regular basis. (monthly?)
>
> If I work on this much more I should probably submit it as a package :)
>
> Next steps?
>
> Thanks,
> Richard
> _______________________________________________
> Fedora Magazine mailing list -- magazine@xxxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe send an email to magazine-leave@xxxxxxxxxxxxxxxxxxxxxxx
> Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: https://lists.fedoraproject.org/archives/list/magazine@xxxxxxxxxxxxxxxxxxxxxxx
_______________________________________________
Fedora Magazine mailing list -- magazine@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to magazine-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/magazine@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Users]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Devel]     [EPEL Announce]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Mentors]     [Fedora Package Review]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [ET Management Tools]     [Yum Users]     [Fedora Art]     [Fedora ARM]

  Powered by Linux