Re: [PLUG] Linux tip: Log IP addresses, not hostnames, for use by fail2ban...

[Rich Kulawiec <rsk@gsp.org>]

On Fri, Aug 17, 2018 at 03:42:27PM -0400, Fred Stluka wrote:
> As you may have noticed, there's been a massive upswing in hacking
> attempts from China in the past couple weeks.?? My servers now get
> hit an additional hundreds or thousands of times per day.?? You may
> want to check your logs and beef up your security.

Why are you allowing network traffic from China to get anywhere near
your servers?  You should have permanently firewalled out the entire
country years ago, using the blocks carefully maintained here:

	Okean - The Goods
	https://www.okean.com/thegoods.html

Drop those into your configuration.  Update once a month.  And stop
fooling around with half-ass measures like fail2ban.

---rsk
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug