Michael Lazin via plug on 24 Mar 2021 13:50:51 -0700



Re: [PLUG] Web Ass Pfirewall


It can make some server load, but if you are going to use fail2ban you can automatically report attacking IP addresses using this premade code on blocklist.de:

http://www.blocklist.de/en/index.html

A friend of a friend runs this. I have used this before; it makes some server load, so keep it in mind.

Really it is better to use SSH key pairs to avoid brute-force SSH attacks than using fail2ban. Both Microsoft and Amazon force this by default with their hosting. It is a good solution, and relatively easy to set up. I have found GitHub has very good documentation on generating SSH key pairs.

Thanks,

Michael Lazin

.. τὸ γὰρ αὐτὸ νοεῖν ἐστίν τε καὶ εἶναι.


On Wed, Mar 24, 2021 at 4:38 PM Fred Stluka via plug <plug@lists.phillylinux.org> wrote:
Keith,

> Iptables is still pretty good for blocking / choking traffic.  You can
> automatically block bad actors / abusive IPs by using the various
> limit modules.  One of my favorite rules simply blocks SSH ingress
> based on packets per hour.  You exceed the limit, you get blocked for
> a certain amount of time.

Can you do that with iptables alone?  Or does it need something
like fail2ban to change the iptables rules dynamically?


> It works beautifully and is just one rule.

Care to post the rule?

Thanks!
--Fred
------------------------------------------------------------------------
Fred Stluka -- http://bristle.com -- Glad to be of service!
Open Source: Without walls and fences, we need no Windows or Gates.
------------------------------------------------------------------------
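
Added example, not part of the thread and not code from any poster: moving to SSH key pairs only stops password brute-forcing once sshd actually refuses password-style logins, so this Python sketch audits `sshd_config` text for scopes where they are still enabled. It assumes OpenSSH defaults and first-value-wins parsing, does not follow `Include` files, and the function names and sample configs are constructed for illustration.

```python
# Added example: flag sshd_config settings that still permit password logins.
# Defaults are OpenSSH's; Include files are not followed (assumption).
DEFAULTS = {
    "passwordauthentication": "yes",
    "kbdinteractiveauthentication": "yes",
    "pubkeyauthentication": "yes",
}
# Older name for the same option.
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}

def parse(config_text):
    """Return (global_settings, [(match_criteria, settings), ...])."""
    global_settings, blocks = {}, []
    target = global_settings
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.replace("=", " ", 1).split(None, 1)  # "Key value" or "Key=value"
        if len(parts) < 2:
            continue
        key = ALIASES.get(parts[0].lower(), parts[0].lower())  # keywords ignore case
        if key == "match":
            target = {}  # following lines apply only to this Match block
            blocks.append((parts[1], target))
        elif key in DEFAULTS:
            # sshd keeps the first value it reads for a keyword
            target.setdefault(key, parts[1].split()[0].strip('"').lower())
    return global_settings, blocks

def audit(config_text):
    """List every scope in which a password-style login method is still on."""
    global_settings, blocks = parse(config_text)
    scopes = [("global", {**DEFAULTS, **global_settings})]
    scopes += [("Match " + crit, {**DEFAULTS, **global_settings, **blk})
               for crit, blk in blocks]
    findings = []
    for scope, eff in scopes:
        for key in ("passwordauthentication", "kbdinteractiveauthentication"):
            if eff[key] != "no":
                findings.append(f"{scope}: {key} is {eff[key]}")
        if eff["pubkeyauthentication"] != "yes":
            findings.append(f"{scope}: pubkeyauthentication is {eff['pubkeyauthentication']}")
    return findings

# Constructed sample configs, not taken from any real host.
SAMPLE = """\
PasswordAuthentication no
passwordauthentication yes
Match Address 192.0.2.0/24
    PasswordAuthentication yes
"""
HARDENED = "PasswordAuthentication no\nChallengeResponseAuthentication no\n"

if __name__ == "__main__":
    print(audit(SAMPLE), audit(HARDENED))
```

The global finding on `SAMPLE` shows the common gap: with `PasswordAuthentication no` alone, keyboard-interactive authentication stays at its default and can still prompt for a password through PAM.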


___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug