Re: fail2ban attempt, anyone want to add anything?


On 4/20/2012 9:25 AM, Tilman Schmidt wrote:
> I prefer action = iptables-allports on all of these, so that a source 
> address attempting a bruteforce attack on one service is immediately 
> banned from all services. I can't imagine a scenario where a machine 
> that got blocked, for example, for attempting to bruteforce passwords 
> via SMTP AUTH, should be allowed to try via FTP next. Even password 
> attempts against ssh, which accepts only public key authentication on 
> all my machines, trigger a block on all ports. So far I haven't had a 
> single complaint about that 

There was no information about 'allports' in any official fail2ban docs...
As to the one time it would be an issue, that is when you try to test it out 
from your home IP and ban yourself from your entire server
:)

Oops, well, at least it is working for ssh...
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
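
The setup discussed in this message, as an added example that is not part of the original thread: two jails using the `iptables-allports` action, with `ignoreip` set so that testing from your own address does not lock you out of the whole server. The address 203.0.113.10, the jail names and the log paths are assumptions for a CentOS-style layout.

```ini
# /etc/fail2ban/jail.local
# Added example; jail names, log paths and the admin address are assumptions.

[DEFAULT]
# Addresses that are never banned: loopback plus the admin's own address.
# 203.0.113.10 is a constructed placeholder for "your home IP".
ignoreip = 127.0.0.1/8 203.0.113.10
# Ban length and detection window in seconds, and failures allowed in that window.
bantime  = 3600
findtime = 600
maxretry = 5

[ssh-allports]
enabled  = true
filter   = sshd
# iptables-allports blocks the source address on every port, not only ssh.
# protocol=all extends the block beyond TCP, which is the action's default.
action   = iptables-allports[name=SSH, protocol=all]
logpath  = /var/log/secure

[vsftpd-allports]
enabled  = true
filter   = vsftpd
# Same action: an FTP bruteforce source loses access to all services.
action   = iptables-allports[name=VSFTPD, protocol=all]
logpath  = /var/log/vsftpd.log
```

Keep a console or out-of-band login available when testing, since an address missing from `ignoreip` is cut off from every service for the full `bantime`.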

