[Mageia-dev] Fail2Ban vs Blockhosts vs DenyHosts vs iptable throttle for SSH

Claire Robinson eeeemail at gmail.com
Tue Feb 19 17:43:56 CET 2013 

On 19/02/13 12:51, finid at linuxbsdos.com wrote:
> 
> 
> On 2013-02-19 11:45, Robert Fox wrote:
>> On Tue, 2013-02-19 at 12:35 +0100, Guillaume Rousse wrote:
>>> Le 19/02/2013 12:20, finid at linuxbsdos.com a écrit :
>>> > If that's how you feel about having a program like DenyHosts
>>> running by
>>> > default, do you feel the same way about having a firewall running and
>>> > configured out of the box.
>>> >
>>> > Is a firewall a sysadmin's or packager's choice?
>>> A sysadmin choice. Pushing always more stuff 'by default' doesn't help
>>> users to make educated choices.
>>
>> On one hand I agree, on the other hand - we want a distribution which
>> simply works and common choices are made (like which firewall) from the
>> distro side - a good enough Sysadmin can then change to his/her liking
>> afterwards.  This is more or less a distro "philosophy" question, but
>> look why "Mint" has become so popular - because many choices are made
>> upfront for the user - yet the flexibility is in the system (and enough
>> packages) for an advanced user to change them!
>>
>> As long as the default settings are documented upfront - I see no issue
>> in making such a decision on behalf of the "average" user - and making a
>> more security robust distribution.
>>
>> BTW, there is no Mageia package for BlockHosts - but fail2ban and
>> DenyHosts there are packages . . .
>>
> 
> This is the point that many distro devs don't seem to understand. People
> want a system that just works. Have you observed that Macs are very
> popular with geeks, that is, the guys who can mess with a system in and
> out. Why?
> 
> How did Ubuntu and Mint become so popular? That's right, they just work.
> All the sane options have been pre-selected.
> 
> I once had a discussion with a dev who did not want to have the updates
> manager's icon in the systray because he did not want to clutter that
> part of the panel.
> 
> 
> -- 
> finid
> 


With this in mind could somebody mind looking at bugs 8985, 8986, 8987
and possibly also 9107.

https://bugs.mageia.org/show_bug.cgi?id=8985
https://bugs.mageia.org/show_bug.cgi?id=8986
https://bugs.mageia.org/show_bug.cgi?id=8987
https://bugs.mageia.org/show_bug.cgi?id=9107

T.I.A.

Claire

More information about the Mageia-dev mailing list