On 4/20/2012 9:25 AM, Tilman Schmidt wrote:
> I prefer action = iptables-allports on all of these, so that a source
> address attempting a bruteforce attack on one service is immediately
> banned from all services. I can't imagine a scenario where a machine
> that got blocked, for example, for attempting to bruteforce passwords
> via SMTP AUTH, should be allowed to try via FTP next. Even password
> attempts against ssh, which accepts only public key authentication on
> all my machines, trigger a block on all ports. So far I haven't had a
> single complaint about that

there was no information about 'allports' on any official fail2ban docs...

as to the one time it would be an issue is when you try to test it out from your home IP and ban yourself from your entire server :)

oops, well, at least it is working for ssh...
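The setup discussed in this thread as a jail.local fragment (an added example, not either poster's configuration): each jail uses iptables-allports so a ban from one service blocks the source on every port, and ignoreip keeps a known admin address from being banned during testing. Jail names, log paths, thresholds and the ignoreip address are assumptions for a CentOS host running fail2ban 0.8.x.

```ini
# /etc/fail2ban/jail.local  (constructed example)

[DEFAULT]
# Addresses that are never banned. 203.0.113.10 is a placeholder for
# the admin's own static IP; replace it before testing from home.
ignoreip = 127.0.0.1 203.0.113.10
bantime  = 3600
findtime = 600
maxretry = 5

# Per-service form, for comparison: bans only the ssh port.
#   action = iptables[name=SSH, port=ssh, protocol=tcp]

[ssh-iptables]
enabled  = true
filter   = sshd
# All-ports form: the offending source is dropped on every port.
action   = iptables-allports[name=SSH, protocol=all]
logpath  = /var/log/secure

[sasl-iptables]
enabled  = true
filter   = sasl
# SMTP AUTH failures also lead to a block on all ports.
action   = iptables-allports[name=SASL, protocol=all]
logpath  = /var/log/maillog

[vsftpd-iptables]
enabled  = true
filter   = vsftpd
action   = iptables-allports[name=VSFTPD, protocol=all]
logpath  = /var/log/vsftpd.log
```

Each jail needs a distinct name= value because the action creates one iptables chain per name; after a restart, `fail2ban-client status ssh-iptables` lists the addresses currently banned by that jail.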