On Wed, 6 Apr 2011 09:46:12 +0100 (BST), Gordon Henderson
gordon+aster...@drogon.net wrote:
Have a look at these:
Thanks much Gordon. I'll study the scripts you mentionned. It looks
like iptables is good enough and I won't have to install a second tool
to watch the logs and reconfigure iptables
On Tue, 5 Apr 2011 17:38:15 -0400, Paul Dugas
p...@dugasenterprises.com wrote:
First, this appears to be working for me though I'm not 100% sure of
that and cannot guarantee it will for you in any way, shape or form.
With the lawyering out of the way...
Thanks a lot, Paul.
--
On 4/5/2011 4:38 PM, Paul Dugas wrote:
First, this appears to be working for me though I'm not 100% sure of
that and cannot guarantee it will for you in any way, shape or form.
With the lawyering out of the way...
I've seen fail2ban allow more than 500 failed SIP login attempts in
under 30
On Tue, 5 Apr 2011, Steve Edwards wrote:
On Tue, 5 Apr 2011, Gilles wrote:
I'm no expert of iptables, and it seems like it can handle banning
IP's that are trying to register and fail too many times.
Is there a good iptables configuration that I could use as reference?
Gordon Henderson
fail2ban(opensource) is a good choice for you
best
On Wed, Apr 6, 2011 at 1:16 PM, Gordon Henderson gordon+aster...@drogon.net
wrote:
On Tue, 5 Apr 2011, Steve Edwards wrote:
On Tue, 5 Apr 2011, Gilles wrote:
I'm no expert of iptables, and it seems like it can handle banning
IP's
Hello
I'm no expert of iptables, and it seems like it can handle banning
IP's that are trying to register and fail too many times.
I'd like to use this feature instead of having to install a second
tool such as SSHGuard or BFS that parses the logs and reconfigure
iptables on the fly.
Is
On Tue, 5 Apr 2011, Gilles wrote:
I'm no expert of iptables, and it seems like it can handle banning
IP's that are trying to register and fail too many times.
Is there a good iptables configuration that I could use as reference?
Gordon Henderson posted a link to his script that handled
fail2ban might be good for this.
On 04/05/2011 01:00 PM, asterisk-users-requ...@lists.digium.com wrote:
Date: Tue, 5 Apr 2011 08:44:41 -0700 (PDT)
From: Steve Edwardsasterisk@sedwards.com
Subject: Re: [asterisk-users] Iptables configuration to handle brute
force registrations
On Tue, Apr 5, 2011 at 1:31 PM, Bill Michaelson b...@cosi.com wrote:
fail2ban might be good for this.
I think you missed the point, which is reducing the need for an external
application that searches logs in order to determine whether or not to block
an IP.
Why run fail2ban and add overhead
On Tue, 5 Apr 2011, Sherwood McGowan wrote:
Why run fail2ban and add overhead when you can just do the same thing
with iptables itself?
Because it's not the same?
The iptables approach is great because it is 'light-weight' and it should
already 'be there.' Also, it can react quicker because
On 4/5/2011 2:11 PM, Steve Edwards wrote:
On Tue, 5 Apr 2011, Sherwood McGowan wrote:
Why run fail2ban and add overhead when you can just do the same thing
with iptables itself?
Because it's not the same?
The iptables approach is great because it is 'light-weight' and it
should already
On Tue, 5 Apr 2011, Sherwood McGowan wrote:
Why run fail2ban and add overhead when you can just do the same thing
with iptables itself?
On 4/5/2011 2:11 PM, Steve Edwards wrote:
Because it's not the same?
The iptables approach is great because it is 'light-weight' and it
should
On Tue, Apr 5, 2011 at 2:40 PM, Steve Edwards asterisk@sedwards.comwrote:
snip
Are there possibly other drawbacks that I'm not seeing/remembering? I've
been running an iptables based setup for some time, never really jumped into
the fail2ban wagon
I've never used fail2ban either. I
:
fail2ban might be good for this.
On 04/05/2011 01:00 PM, asterisk-users-requ...@lists.digium.com wrote:
Date: Tue, 5 Apr 2011 08:44:41 -0700 (PDT)
From: Steve Edwards asterisk@sedwards.com
Subject: Re: [asterisk-users] Iptables configuration to handle brute
force registrations
configuration to handle brute,force
registrations?
First, this appears to be working for me though I'm not 100% sure of
that and cannot guarantee it will for you in any way, shape or form.
With the lawyering out of the way...
I've seen fail2ban allow more than 500 failed SIP login attempts
15 matches
Mail list logo