[sf-lug] reasons for running/not running fail2ban

Alex Kleider a_kleider at yahoo.com
Mon Feb 11 17:33:38 PST 2008

Saturday evening I had an opportunity to discuss fail2ban and Rick gave
me his views on why he did NOT like to run it. 
Rick, I hope I am not miss quoting you but here's my understanding:
1. the chance that an attacker might by this method actually guess a
correct name and password pair is minute     and
2. you don't like the idea of a program having input into your

I was discussing this with a friend and his comment was that it isn't
against repeated password attempts that we are trying to protect
ourselves; it's against denial of service. My understanding is that
it's against someone who is not actually expecting to log on, but
against someone that just is trying to overwhelm your resources.

I'd be interested in comments regarding these issues.


a_kleider at yahoo.com

Be a better friend, newshound, and 
know-it-all with Yahoo! Mobile.  Try it now.  http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ 

More information about the sf-lug mailing list