Re: Odd issue with fail2ban

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Leonard den Ottolander wrote:
> Hello Gé,
>
> On Mon, 2012-08-13 at 09:41 -0700, Gé Weijers wrote:
>> Some attack programs are too stupid to give up even if they find that
>> password and keyboard interactive authentication is turned off. One
>> kept trying for weeks.
>
> Well I guess one *could* filter on the disconnect string to block such
> IPs, but one has to make sure that legitimate hosts are white listed, or
> that the findtime is sufficiently small to not let legitimate hosts
> trigger the rule. White listing is surely the safest approach.

Sorry, can't do that with servers whose websites are open to the world,
and when folks here have collaborators around the world.

        mark

ObDisclaimer: I do not speak for my employer, or for the US federal
government agency that I work in. No, it's neither the NSA, nor DOD.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux