Stop
Sent from my iPhone
On Nov 27, 2014, at 8:42 PM, Libertas libertas@mykolab.com wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
On 11/27/2014 07:50 PM, tor@zengers.de wrote: And I agree about SSHGuard. I've had a better experience with it, and it generally seems like a more carefully developed and more thoroughly documented project. Strangely, though, most experienced sysadmins still use and suggest fail2ban. Maybe I'm just missing something, or maybe people don't know about SSHGuard.
I'm still wondering about the popularity of fail2ban and SSHGuard, specially in regard to the ssh service. You can achieve almost the some behaviour with every major firewall. See for example [1] and [2].
And for the lazy ones, my current configs: ...
True, and thanks for the examples. I think the daemons are probably a better move for those who aren't firewall veterans, as everyone else would probably be copy-and-pasting firewall configs like the ones you gave and praying that they worked. The daemons probably also have more nuanced and flexible policies.
You also reminded me of a big factor I forgot to mention in the doc: firewalls. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBCAAGBQJUd9MUAAoJELxHvGCsI27NlY0P/0MeYML3CCLlF3JHRDVy85CE FjjQlUjIH3wnTGuQJE/ooubWH8KslLhSq2PjBXMgxuObshf9DEHWHy7KNYvAJ+GE 1VMjONDV6uuZILLPur1UxFlSPrB2LfzBJCqLfx/LmtQFPoH3AztJnkyqLZIkVcMs X8IJ4Dv2kvX3q9oIXdqyiTECLSsAZ5GyhOcNPZGLdijaijWL6ajrpq74NE89cjNu TX4d5eR2WSJm18lQ3ViOwh4DmdRA/HeqtH/M3/DsDJvOP4D5lrERrc6ghBShZdsl dKndLPLWFTGGdV4DAbn96FBZQW9q2feRb+DBSdOXPlc8KqOFF2BMrb2a4tWv/szs uiTqsYTDj7TkvOLIR3Y1V1uRm6WvxdU5FKNH7+qouQg8G4hLPrcxmIGOTELDZtzn s30ffOScgM7kn3qb8hbs50peMDb3A67GXgNFnvFSf1eAaWJQdDbzYEfxzBzGvtvb DYCeavXAKC8LsgRIcfjnuhPuTfP0PSKX0RABgPR0hkt3TGsCObMSUETHD1IqRv+1 wWjLf+52Kn9ZwPxPxUt8yngaOZr9iGAKlQJJwoacujAFCjoGR+SflEojFjBcdyVV mZqgyDgSeAhPZyMIY5shY5VJcT7wBbUy8oLSEjdfOxrfUe4dHLPfGvPmv7U2sJQX rVwbNoRfYr2mhgLap7dN =UtrW -----END PGP SIGNATURE----- _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays