Re: Securing development environment

To: debian-user@lists.debian.org
Subject: Re: Securing development environment
From: Andy Smith <andy@strugglers.net>
Date: Sat, 19 May 2018 15:29:25 +0000
Message-id: <[🔎] 20180519152925.GF4569@bitfolk.com>
In-reply-to: <[🔎] 210a52c2-15d3-a775-d456-b93392ec4b76@mail.com>
References: <[🔎] d31b3894-611a-fb26-7325-24b7e94a4692@mail.com> <[🔎] 20180519072928.0533f4a5@cd> <[🔎] 210a52c2-15d3-a775-d456-b93392ec4b76@mail.com>

Hello,

On Sat, May 19, 2018 at 12:03:37PM +0200, Hubert Hauser wrote:
> On 19/05/18 07:29, Chris wrote:
> > Make those services listen to localhost and do port forwarding in your
> > SSH client.
> 
> It might be a good idea but I am not sure whether fail2ban with nginx
> basic_auth mechanism is a simplier solution. You have not replied me is
> it. Should I worry about maximum length of passwords (8 characters)?

If the services are only available in localhost then you don't need
fail2ban.

Fail2ban is a massive hack (spotting wrongdoing by reading logs of
it after the fact?) so if there is a way to avoid the issue in the
first place then to me that is preferable.

Cheers,
Andy

Reply to:

Follow-Ups:
- Re: Securing development environment
  - From: Gene Heskett <gheskett@shentel.net>

References:
- Securing development environment
  - From: Hubert Hauser <hubot@mail.com>
- Re: Securing development environment
  - From: Chris <chris2014@postbox.xyz>
- Re: Securing development environment
  - From: Hubert Hauser <hubot@mail.com>

Prev by Date: Re: Securing development environment
Next by Date: Re: Laptop randomly reboots
Previous by thread: Re: Securing development environment
Next by thread: Re: Securing development environment
Index(es):
- Date
- Thread