Hi,
Simpler solution, I simply run sshd on a non-standard port and that seems to eliminate attacks. Most just seem to be automated botnets broken into via CGA vuneralities trying port 22 across IP ranges til they get a reply. So although its security by obscurity it saves a hell of a lot of noise and copious, repetitive log reading. Now when fail2ban triggers I know its likely to be a "serious" human driven attempt and I need to pay attention and make the ban permanent. I normally iptables ban IP ranges as well not just that particular IP. regards Steven
------------------------------------------------------------------------------
_______________________________________________ Fail2ban-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fail2ban-users
