Re: How to push back against repeated login attempts?
Of course, dictionary or random attacks will be drastically hampered
if you limit how often they can fail. 3 failures or so causes a
lockout for some hours is the usual. Failed attempts can constitute a
denial of service attack under some circumstances though due to
network chatter.
On 3/2/21, Luke Kenneth Casson Leighton <lkcl@lkcl.net> wrote:
> On Tue, Mar 2, 2021 at 9:51 AM <oregano@disroot.org> wrote:
>
>> Considering running a freedom box or similar, I have a RPi running Buster
>> outside my home router's DMZ. It was discovered within a short time
>> (minutes or hours) of first being setup.
>
> ahh yes. welcome to the discovery that there are people running
> extremely sophisticated long-running break-in attempts, world-wide.
>
>> It now has fail2ban running with defaults. Over about the last month,
>> fail2ban logs show about 35,000 "unbans" from about 3700 unique IPs.
>
> if you want to do something "gradual", use fail2ban recidive.
>
> i decided 3 years ago that enough was enough, and simply set all and
> any failed password attempts at an instant 2 week ban. by running
> OpenVPN i can at least get in if i happen to make a mistake.
>
> l.
>
>
--
-------------
Education is contagious.
Reply to: