Re: iptables question

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 6/17/2014 19:35, Chuck Campbell wrote:
> I haven't done the load stats, but it appears
> to me that a hundred of these crackers hitting my machine at these rates is
> likely to deny my legit users some resources.

So increase the fail2ban time from the default (5 minutes, as I recall) 
to 1 hour, or 1 day.

> Besides, just because the odds are against you, sometimes luck is all it takes.

That sort of thinking is why governments have started to levy taxes on 
people who are bad at math.  (i.e. lotteries)

Some risks simply aren't worth worrying about.

Go play with the haystack calculator I linked from my previous email. 
If 8 random printable ASCII characters doesn't make you sleep well at 
night, make it nine.  Now the attack space is about 2 orders of 
magnitude larger.  If the risk with 8 was "sometime in my career, which 
cannot stand a single breach," the risk with 9 becomes "sometime after I 
have shuffled off this mortal coil."
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux