Package: fail2ban Version: 0.6.0-2 Severity: normal -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi, IMHO the option 'ignoreip' in /etc/fail2ban.conf should be empty by default (now it is '192.168.0.0/16'). There is no reason why private networks should be excluded from banning. Since private networks are nowadays generally on 100Mbit or better, the risk of being brute-forced from a (hacked?) machine in the same private network is much higher than being brute forced from the internet. Greetings, Aaron - -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/dash Kernel: Linux 2.6.14-2-k7 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages fail2ban depends on: ii iptables 1.3.3-2 Linux kernel 2.4+ iptables adminis ii python 2.3.5-3 An interactive high-level object-o fail2ban recommends no packages. - -- no debconf information -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFDxmlDm2HPKfVbHyoRAv0HAJ9uSipZj/UTRsjNqE1FxJsiZVCL4gCfQK1A FsDJMgL3yuKEE9ke4wxrpys= =m0eY -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
