LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Blogs
User Name
Password

Notices


Old

Blocking lists of IP addresses using the iptables recent module or ipset and make fail2ban use it.

Posted 04-21-2013 at 07:25 AM by unSpawn
Updated 04-21-2013 at 08:34 AM by unSpawn (//Suggest saving the current rule set)

To combat the common misconception that filling Netfilters filter table INPUT chain is still a valid choice, to show ease of use and for future reference I'll outline how to mass block IP(v4) addresses and how to integrate this in fail2ban.

*This web log post will not explain the fine print on ipset and iptables' {ipt,xt}_recent ('iptables -m recent --help'), nor will it tell you how to install anything, help you configure fail2ban, go into SysV vs BSD init scripts or application...
Moderator
Posted in Uncategorized
Views 7864 Comments 0 unSpawn is offline
Old

Denyhosts vs Fail2ban aka tcp_wrappers vs iptables

Posted 07-22-2010 at 03:58 AM by unSpawn

At times denyhosts is being recommended over fail2ban. The common misconception being these applications are equal. They're not, OK in more than one way, but focusing on method of filtering denyhosts uses tcp_wrappers by default where Fail2ban uses iptables by default.

Using tcp_wrappers means a packet has to be delivered to that service. The serving application is responsible for reading /etc/hosts.{deny,allow} to determine itself if a connection is allowed or not. Requiring a network...
Moderator
Posted in Uncategorized
Views 9050 Comments 1 unSpawn is offline

  



All times are GMT -5. The time now is 04:48 AM.

Main Menu
Advertisement
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration