[asterisk-users] A new hack?
Danny Nicholas
danny at debsinc.com
Fri Dec 2 10:41:00 CST 2011
Fail2ban assumes that #1 your environment is (wide) open and #2 you will
need to update iptables on an "instant response to attack" basis. If you
are open enough, even fail2ban isn't going to really help. If you have a
sufficiently written set of iptables rules (or you aren't allowing external
SIP/TCP/UDP traffic) you shouldn't (just my opinion) need fail2ban at all.
-----Original Message-----
From: asterisk-users-bounces at lists.digium.com
[mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Jim Lucas
Sent: Friday, December 02, 2011 10:35 AM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [asterisk-users] A new hack?
On 11/26/2011 5:00 PM, C F wrote:
> On Sat, Nov 26, 2011 at 7:50 AM, Gordon Henderson
> <gordon+asterisk at drogon.net> wrote:
>> On Sat, 26 Nov 2011, Terry Brummell wrote:
>>
>>> Install & Configure Fail2Ban then the host will be blocked from
>>> connecting. And no, it's not new.
>>
>> I don't need Fail2Ban, thank you. But your advice might be useful to
others.
>
> Why is that?
> Even if they don't compromise an account they are still using your
> bandwidth and resources on your machine.
>
How is using Fail2Ban less resource intensive then me writing (by hand)
iptable rules?
Also, since both methods involve the use of iptables, where exactly is the
bandwidth savings?
--
Jim Lucas
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com -- New to
Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
More information about the asterisk-users
mailing list