also sprach Stefano Salvi <stefano@salvi.mn.it> [2006.05.07.0926 +0200]: > Unfortunately Fail2Ban doesn't block the attackers on this attack, as > the Log line doesn't contain the IP of the attacker (the IP is only > listed if the login doesn't exist). Sure it blocks it. That would be a pretty bad bug if it didn't. At least version 0.6.1 does. > However, having the attempted attack listed in LogCheck mails > doesn't block it...I also ask is there any use however in having > it listed? Not really. My theory is that I don't need to know when someone tries a password login for the root account, since password logins are not possible anyway. -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft <madduck@debian.org> : :' : proud Debian developer and author: http://debiansystem.info `. `'` `- Debian - when you have better things to do than fixing a system "when zarathustra was alone... he said to his heart: 'could it be possible! this old saint in the forest hath not yet heard of it, that god is dead!'" - friedrich nietzsche
Attachment:
signature.asc
Description: Digital signature (GPG/PGP)