[asterisk-users] asterisk and fail2ban
Gordon Henderson
gordon+asterisk at drogon.net
Wed Mar 30 15:11:04 CDT 2011
On Wed, 30 Mar 2011, Terry Brummell wrote:
> I think you will find Fail2Ban the defacto standard.
I don't use fai2ban. Never have, never will because I simply don't need
it.
Standard iptables are good enough if you can be bothered to use them to
their full abilities. No need for anything else as iptables can do
connection tracking and blocking against time - just like fail2ban does.
More than X connections a second/minute/hour from a given IP address? Yes,
iptables can detect and block that. Works for all protocolls too - SIP,
IAX, POP, SSH, etc.
Gordon
More information about the asterisk-users
mailing list