[CentOS] fail2ban attempt, anyone want to add anything?
Bob Hoffman
bob at bobhoffman.com
Fri Apr 20 14:16:28 UTC 2012
On 4/20/2012 9:25 AM, Tilman Schmidt wrote:
> I prefer action = iptables-allports on all of these, so that a source
> address attempting a bruteforce attack on one service is immediately
> banned from all services. I can't imagine a scenario where a machine
> that got blocked, for example, for attempting to bruteforce passwords
> via SMTP AUTH, should be allowed to try via FTP next. Even password
> attempts against ssh, which accepts only public key authentication on
> all my machines, trigger a block on all ports. So far I haven't had a
> single complaint about that
there was no information about 'allports' on any official fail2ban docs...
as to the one time it would be an issue is when you try to test it out
from your home IP and ban yourself from your entire server
:)
oops, well, at least it is working for ssh...
More information about the CentOS
mailing list