[CentOS] Odd issue with fail2ban
Leonard den Ottolander
leonard at den.ottolander.nl
Mon Aug 13 17:20:23 UTC 2012
Hello Gé,
On Mon, 2012-08-13 at 09:41 -0700, Gé Weijers wrote:
> Some attack programs are too stupid to give up even if they find that
> password and keyboard interactive authentication is turned off. One
> kept trying for weeks.
Well I guess one *could* filter on the disconnect string to block such
IPs, but one has to make sure that legitimate hosts are white listed, or
that the findtime is sufficiently small to not let legitimate hosts
trigger the rule. White listing is surely the safest approach.
Regards,
Leonard.
--
mount -t life -o ro /dev/dna /genetic/research
More information about the CentOS
mailing list