Re: Massiv dictionary attacks from <rackspace.com>
Fail2ban is a bad choice if you have customers who use this imap server.
Le 14 août 2012 à 18:32, green <firstname.lastname@example.org> a écrit :
> Andika Triwidada wrote at 2012-08-14 06:50 -0500:
>> On Tue, Aug 14, 2012 at 6:43 PM, Michelle Konzack
>> <email@example.com> wrote:
>>> Hello Colleges and *,
>>> since Sunday 19:47 CEST 18 of my servers are under heavy attack.
>>> Currently I have counted over 18 million login attempts (dictionary
>>> attack) with a list of 1005 names an started with IP <184.108.40.206>.
>> Any reason not to use fail2ban or any similar tool to prevent those
>> brute force attacks?
> I think fail2ban does not yet support ipv6; the iptables recent module might
> do an adequate job without requiring extra software (limit number of new
> connection attempts from a specific IP per n seconds).