I am being attacked by an entire subnet where the first two parts of the IP address remain identical but the last two parts vary sufficiently that it is not caught by fail2ban since the attempts do not meet the cut-off of a certain number of attempts within the given time. Has anyone created a fail2ban filter for this type of attack? As of right now, I have manually banned a range of IP addresses but would like to automate it for the future. _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos
Blocking attacks from a range of IP addresses
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Blocking attacks from a range of IP addresses
- From: H <agents@xxxxxxxxxxxxxx>
- Date: Wed, 8 Jan 2020 19:37:15 -0500
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
- Follow-Ups:
- Re: Blocking attacks from a range of IP addresses
- From: Pete Biggs
- Re: Blocking attacks from a range of IP addresses
- From: Thomas Stephen Lee
- Re: Blocking attacks from a range of IP addresses
- From: Keith Christian
- Re: Blocking attacks from a range of IP addresses
- Prev by Date: Re: CentOS 7 yum update
- Next by Date: Re: Blocking attacks from a range of IP addresses
- Previous by thread: CentOS 7 yum update
- Next by thread: Re: Blocking attacks from a range of IP addresses
- Index(es):
 |