Re: How to push back against repeated login attempts?

[Noah Meyerhans <noahm@debian.org>]

On Wed, Mar 03, 2021 at 09:50:33AM +0000, David Pottage wrote:
> Thanks for the tip on FireHOL, and all their block lists. I was using just
> the blocklist.de list and updating it nightly. It looks like I should be
> able to get better coverage by using more block lists.
> 
> You say that you chose not to use FireHOL itself, but instead chose to roll
> your own. Could I ask why? are there problems or downsides to FireHOL?

I don't have anything bad to say about their tooling.  My quick glance
at it, a couple of years ago, gave me the impression that it wanted to
own more of the firewall configuration than I wanted to hand it.  In
particular, my goal was to build something usable both on Debian and on
OpenWRT, the latter of which already has a fairly involved iptables
configuration.  So I built my own automation, and I'm entirely open to
the possibility that this was a mistake. ;)

You should probably start with the firehol tooling and stick with it
until you have reason to switch.

noah