Hello,
to stop bruteforce logins to samba i want to create a fail2ban-rule which
blocks IPs with to many login-errors.
unfortunately used logins and IPs in samba log are scattered to multiple
lines so i cant find a relation.
i use samba for wan and cant reduce to internal IPs.
What ist best in my case to get better logs or stop abusing?
nobody has an idea? is there no possibility to get logs which show which ip
is doing too much false logins?
Thanks,
Hajo
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba