On Tue, Oct 06, 2015 at 12:07:25AM +0900, Stephen J. Turnbull wrote:
> Perhaps a per-user login attempt limit would work for you. Each
> (ab)user is different. But I don't think it's a good idea for a
> supported feature of Mailman, it's too fragile and it would be an
> invitation to an endless s
Aditya Jain writes:
> If I block a particular IP address because some disgruntled person
> from the organization is trying to brute force, it will block
> access for other legitimate users from that organization (because
> they have only one IP dedicated to browsing traffic).
This is a social
Hi,
On Monday 05 October 2015 04:19 PM, Laura Creighton wrote:
> I think that Aditya Jain's problem is that he (she?)
He :)
> doesn't understand that fail2ban takes a look at where the attackers
> are coming from and bans _their_ Host from connecting. He thought
> it worked by making his host un
I think that Aditya Jain's problem is that he (she?)
doesn't understand that fail2ban takes a look at where the attackers
are coming from and bans _their_ Host from connecting. He thought
it worked by making his host unconnectable, which of course will not
work.
But I could be wrong ..
Laura
---
On Sun, Oct 04, 2015 at 11:43:55AM +0530, Aditya Jain wrote:
> On Sunday 04 October 2015 07:28 AM, Mark Sapiro wrote:
> > fail2ban runs on (in this case) the machine on which Mailman's web
> > interface runs. It monitors the web server logs and looks for (in this
> > case) a minimum number of 401 e
