[Mageia-dev] Fail2Ban vs Blockhosts vs DenyHosts vs iptable throttle for SSH

Guillaume Rousse guillomovitch at gmail.com
Tue Feb 19 12:03:48 CET 2013


Le 19/02/2013 11:06, finid at linuxbsdos.com a écrit :
> Sounds like a good idea to have something in place out of the box.
> PC-BSD, which has SSH server running by default also has DenyHosts
> configured and running by default.
That's a asysadmin choice, not a packager one. Bloating every machines 
just because it may be useful in some cases doesn't seems a good idea.

And the best defense against ssh scan bot is to forbid password-based 
authentications, BTW.
-- 
BOFH excuse #379:

We've picked COBOL as the language of choice.


More information about the Mageia-dev mailing list