[sf-lug] reasons for running/not running fail2ban
Alex Kleider
a_kleider at yahoo.com
Mon Feb 11 17:33:38 PST 2008
Saturday evening I had an opportunity to discuss fail2ban and Rick gave
me his views on why he did NOT like to run it.
Rick, I hope I am not miss quoting you but here's my understanding:
1. the chance that an attacker might by this method actually guess a
correct name and password pair is minute and
2. you don't like the idea of a program having input into your
iptables.
I was discussing this with a friend and his comment was that it isn't
against repeated password attempts that we are trying to protect
ourselves; it's against denial of service. My understanding is that
it's against someone who is not actually expecting to log on, but
against someone that just is trying to overwhelm your resources.
I'd be interested in comments regarding these issues.
alex
a_kleider at yahoo.com
____________________________________________________________________________________
Be a better friend, newshound, and
know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ
More information about the sf-lug
mailing list