11 May
2011
11 May
'11
6:58 p.m.
Hello, I'm running fail2ban on my centos machine. It's handling sshd and postfix, and is working quite well. From the reports I'm seeing all the atempts are from a certain registrar's region, I won't name it, and was wondering instead of blocking individual ip's if there was a way I could block with iptables the complete region of ip's. I realize this will cut off a good majority of the world, but this is something i'm still curious about?
With regards blocking ip's and fail2ban, which method is better in terms of system resources, blocking via iptables as in the case of sshd or blocking via hosts.deny as in the case of postfix?
Thanks. Dave.