[asterisk-users] A new hack?

jon pounder jonp at inline.net
Wed Nov 30 08:07:19 CST 2011


On 11/30/2011 09:01 AM, Tom Browning wrote:

I agree - its a bad comparison of 2 different things meant for different 
purposes.

iptables is enforcement, fail2ban is detection.

if you have time to sit and make up iptables rules by hand during every 
hack attempt
1) you have too much time on your hands
2) you have too much time on your hands





> On Tue, Nov 29, 2011 at 4:44 PM, john Millican<john at millican.us>  wrote:
>
>> Maybe I am misunderstanding the gist of the comment
> OP offered an invalid comparison of how iptables is better than Fail2Ban.
>
> Whether or not OP knew that Fail2Ban simply feeds rules to iptables is
> unclear from his comments.
>
> Log scraping is a time honored and effective method to correlate bad behavior.
>
> Log scraping can see things that no iptables rule would ever find.  Think SSL.
>
> If Fail2Ban is a bad log scraper framework, then criticize it with a
> clear understanding of its role.
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> New to Asterisk? Join us for a live introductory webinar every Thurs:
>                 http://www.asterisk.org/hello
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>     http://lists.digium.com/mailman/listinfo/asterisk-users




More information about the asterisk-users mailing list