[GTALUG] fail2ban problem
ac
ac at main.me
Thu Aug 30 07:05:07 EDT 2018
On Thu, 30 Aug 2018 05:49:58 -0500
o1bigtenor <o1bigtenor at gmail.com> wrote:
> On Thu, Aug 30, 2018 at 4:13 AM, ac via talk <talk at gtalug.org> wrote:
> > yeah, this is the reason why I do not usually respond to this type
> > of post... security is a wide and varying topic. and opinions are
> > held by all and sundry.
> > just for the record though: what i said was: fail2ban is not the
> > right tool
> > not that it cannot do it...
> Greetings
> As someone who is trying to learn about security and feeling that the
> curve is moving far faster than I can I hope it is not inappropriate
> that I as - - - what would be the 'right' tool for this job?
>
the op originally mentioned an amplification, it also depends on
ingress/egress (hijacked AS / routing qos / etc etc) and any number of
other issues. running name servers is also a whole topic on its own
as there is never one answer, but on ppp i would just use rate limit in
bind.conf - i guess on a single name servers and with no load /
production / other value based issue, it does not really matter if you
do use anything.
hth
Andre
More information about the talk
mailing list