[asterisk-users] A new hack?
Gordon Henderson
gordon+asterisk at drogon.net
Sun Nov 27 07:47:48 CST 2011
On Sat, 26 Nov 2011, C F wrote:
> On Sat, Nov 26, 2011 at 7:50 AM, Gordon Henderson
> <gordon+asterisk at drogon.net> wrote:
>> On Sat, 26 Nov 2011, Terry Brummell wrote:
>>
>>> Install & Configure Fail2Ban then the host will be blocked from
>>> connecting. And no, it's not new.
>>
>> I don't need Fail2Ban, thank you. But your advice might be useful to others.
>
> Why is that?
> Even if they don't compromise an account they are still using your
> bandwidth and resources on your machine.
Linux has excellent built-in subsystems to control firewalling and so on
without resorting to external programs. It's called iptables. If you know
how to use them, then using an external resource such as fail2ban is
unneccessary.
For example, with iptables rules you can say something like: If a
connection from a remote site to a local port happens more than (say) once
a second then drop that connection.
And that happens right at the kernel level without the need to run any
userland software, write config files, monitor log files and so on.
I've posted about it in the past - search the archives if you want to know
more.
Gordon
More information about the asterisk-users
mailing list