On 7/1/2013 2:15 AM, Kushal Kumaran wrote:
Jerry Stuckle writes:
OK, that makes a lot of sense. However, there are two problems with
fail2ban, also. The first one is it requires an authentication failure.
Port probing will not trigger it (but recent can). The second being
it depends o
One more bit on the use of the 'recent' match against DoS.
Pascal Hambourg a écrit :
>
> The ruleset using the 'recent' match is based only on TCP packets with
> the NEW state, i.e. the initial SYN. A single SYN packet can be easily
> forged with a spoofed source address. Fail2ban is based on
> a
Jerry Stuckle writes:
>>
>
> OK, that makes a lot of sense. However, there are two problems with
> fail2ban, also. The first one is it requires an authentication failure.
> Port probing will not trigger it (but recent can). The second being
> it depends on log entries, which can be buffe
On 6/30/2013 2:20 PM, Pascal Hambourg wrote:
staticsafe a écrit :
On Sun, Jun 30, 2013 at 03:15:47PM +0200, Pascal Hambourg wrote:
Redalert Commander a écrit :
-- Forwarded message --
From: Igor Cicimov
You can block repeated attempts to log in with iptables using the
'recent
On Sun, Jun 30, 2013 at 08:20:48PM +0200, Pascal Hambourg wrote:
> staticsafe a écrit :
> > On Sun, Jun 30, 2013 at 03:15:47PM +0200, Pascal Hambourg wrote:
> >> Redalert Commander a écrit :
> >>> -- Forwarded message --
> >>> From: Igor Cicimov
> >>>
> You can block repeated a
staticsafe a écrit :
> On Sun, Jun 30, 2013 at 03:15:47PM +0200, Pascal Hambourg wrote:
>> Redalert Commander a écrit :
>>> -- Forwarded message --
>>> From: Igor Cicimov
>>>
You can block repeated attempts to log in with iptables using the
'recent' module, an alternative
On Sun, Jun 30, 2013 at 03:15:47PM +0200, Pascal Hambourg wrote:
> Redalert Commander a écrit :
> >
> > -- Forwarded message --
> > From: Igor Cicimov
> >
> >> You can block repeated attempts to log in with iptables using the
> >> 'recent' module, an alternative is 'fail2ban', whi
On 6/30/2013 9:15 AM, Pascal Hambourg wrote:
Redalert Commander a écrit :
-- Forwarded message --
From: Igor Cicimov
You can block repeated attempts to log in with iptables using the
'recent' module, an alternative is 'fail2ban', which monitors your
server logs (ssh, apache, a
Redalert Commander a écrit :
>
> -- Forwarded message --
> From: Igor Cicimov
>
>> You can block repeated attempts to log in with iptables using the
>> 'recent' module, an alternative is 'fail2ban', which monitors your
>> server logs (ssh, apache, and others) for failed login atte
9 matches
Mail list logo
