Re: Massiv dictionary attacks from <rackspace.com>
Fail2ban is a bad choice if you have customers who use this imap server.
Le 14 août 2012 à 18:32, green <greenfreedom10@gmail.com> a écrit :
> Andika Triwidada wrote at 2012-08-14 06:50 -0500:
>> On Tue, Aug 14, 2012 at 6:43 PM, Michelle Konzack
>> <linux4michelle@tamay-dogan.net> wrote:
>>>
>>> Hello Colleges and *,
>>>
>>> since Sunday 19:47 CEST 18 of my servers are under heavy attack.
>>>
>>> Currently I have counted over 18 million login attempts (dictionary
>>> attack) with a list of 1005 names an started with IP <50.56.180.220>.
>>
>> Any reason not to use fail2ban or any similar tool to prevent those
>> brute force attacks?
>
> I think fail2ban does not yet support ipv6; the iptables recent module might
> do an adequate job without requiring extra software (limit number of new
> connection attempts from a specific IP per n seconds).
Reply to: