[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How to push back against repeated login attempts?

On Tue, Mar 2, 2021 at 9:51 AM <oregano@disroot.org> wrote:

> Considering running a freedom box or similar, I have a RPi running Buster outside my home router's DMZ. It was discovered within a short time (minutes or hours) of first being setup.

ahh yes.  welcome to the discovery that there are people running
extremely sophisticated long-running break-in attempts, world-wide.

> It now has fail2ban running with defaults. Over about the last month, fail2ban logs show about 35,000 "unbans" from about 3700 unique IPs.

if you want to do something "gradual", use fail2ban recidive.

i decided 3 years ago that enough was enough, and simply set all and
any failed password attempts at an instant 2 week ban.  by running
OpenVPN i can at least get in if i happen to make a mistake.


Reply to: