[Puppet Users] nudge in the right direction needed: BFA and puppetlabs-firewall

2015-05-12 Thread Peter Berghold
Hey folks, I'm trying to figure out how to code rules in puppetlabs-firewall to mitigate Brew Force Attacks (BFA) and can't figure out how to code it. Here is the pattern I'm trying to code:

$ sudo iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH
$

Re: [Puppet Users] nudge in the right direction needed: BFA and puppetlabs-firewall

2015-05-12 Thread Christopher Wood
Possibly you mean brute-force attacks? I find fail2ban useful for this sort of thing, since this is not exclusively a firewall issue: http://en.wikipedia.org/wiki/Fail2ban

That said, I haven't ever crossed this with a puppet-managed firewall.

On Tue, May 12, 2015 at 02:17:59PM +, Peter

Re: [Puppet Users] nudge in the right direction needed: BFA and puppetlabs-firewall

2015-05-12 Thread Peter Berghold
yeah... using fail2ban right now and I'm not 100% pleased with it. I had to employ a hack to get Puppet and fail2ban to get along and I'm not always convinced it does what it should.

On Tue, May 12, 2015 at 10:30 AM Christopher Wood christopher_w...@pobox.com wrote: Possibly you mean