[asterisk-users] A new hack?

C F shmaltz at gmail.com
Mon Dec 5 19:40:55 CST 2011


On Fri, Dec 2, 2011 at 11:35 AM, Jim Lucas <lists at cmsws.com> wrote:
> On 11/26/2011 5:00 PM, C F wrote:
>> On Sat, Nov 26, 2011 at 7:50 AM, Gordon Henderson
>> <gordon+asterisk at drogon.net> wrote:
>>> On Sat, 26 Nov 2011, Terry Brummell wrote:
>>>
>>>> Install & Configure Fail2Ban then the host will be blocked from
>>>> connecting.  And no, it's not new.
>>>
>>> I don't need Fail2Ban, thank you. But your advice might be useful to others.
>>
>> Why is that?
>> Even if they don't compromise an account they are still using your
>> bandwidth and resources on your machine.
>>
>
> How is using Fail2Ban less resource intensive then me writing (by hand) iptable
> rules?

Sorry I wasnt very clear in my first writing, I'll try to clarify.
Using iptables only detects one type of attack (aggressive
connections). While his machines might be secure enough to allow any
other attacks and still not compromise his machine, iptables will
still allow them thru and therefore the attack will be using his
bandwidth/resources, with f2b one can add as many rules as/when they
arrive.

>
> Also, since both methods involve the use of iptables, where exactly is the
> bandwidth savings?

In detection.

>
> --
> Jim Lucas
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> New to Asterisk? Join us for a live introductory webinar every Thurs:
>               http://www.asterisk.org/hello
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>   http://lists.digium.com/mailman/listinfo/asterisk-users



More information about the asterisk-users mailing list