[CentOS] [OT] odd network question

Mon Aug 5 08:00:23 UTC 2019
Giles Coochey <giles at coochey.net>

On 05/08/2019 08:50, Jon LaBadie wrote:
>
> I've found the default 10min bans hardly bother some attackers.
> So I've added the "recidive" feature of fail2ban.  After the
> second 10min ban, the attacker is blocked for 1 week.
>
Interesting, didn't know about that feature, but, oh, I just generally 
ban for a whole week regardless, yes, I realise that a typo might  set 
it off for a actual user, but I have other methods of entry to unban if 
that happens, and we have a number of whitelisted IPs that cover most 
things like that for most use cases, and a VPN within the whitelist that 
can be used if the public services get locked out.