Rich Kulawiec on 29 Aug 2018 01:29:07 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Linux tip: Log IP addresses, not hostnames, for use by fail2ban...


On Tue, Aug 28, 2018 at 02:29:19PM -0400, Ronald Guilmet wrote:
> Maybe I'm missing something. My servers were always locked down. SSH access
> was from a specific IP, and the only way is was with keys. With that setup,
> why would I care what someone is throwing at the machine? Does it cause a
> performance issue that I'm not aware of?

No, you don't care and you don't need to care.  As long as you're discarding
junk//abuse/attack packets as fast as they arrive, the performance hit will
be too low to measure (modulo a DoS attack) and you can simply ignore them.

---rsk
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug