Re: auth log full with

To: debian-user@lists.debian.org
Subject: Re: auth log full with
From: Matthias Böttcher <matthias.boettcher@gmail.com>
Date: Sun, 14 Aug 2022 16:07:03 +0200
Message-id: <[🔎] CAFBm81rzsCVLNYuVQvemtr824mJH1qXgqetKH8hMLT1LJmeQQg@mail.gmail.com>
In-reply-to: <[🔎] E1oN89v-0000X0-BQ@enotuniq.net>
References: <[🔎] 002d01d8af3c$0eb21500$2c163f00$@caloro.ch> <[🔎] E1oN5i6-0000TE-Io@enotuniq.net> <[🔎] 004b01d8afab$2a596640$7f0c32c0$@caloro.ch> <[🔎] E1oN89v-0000X0-BQ@enotuniq.net>

Am So., 14. Aug. 2022 um 09:51 Uhr schrieb Reco <recoverym4n@enotuniq.net>:

> Personally I don't use fail2ban for sshd. Because why bother with
> userspace (written in python too, yuck) if the kernel does the same job?
> I.e. block M$ AS, China Telecom AS and maybe add Eastern Europe to the
> mix, and you've just reduced the number of offending logins by two
> orders of magnitude.

Hi Reco,

how do I block these ip ranges?
Which source can I use to determine the geo location of ip addresses?
Is there a Debian packet?

Thanks for your help.

    Matthias

Reply to:

Follow-Ups:
- Re: auth log full with
  - From: Reco <recoverym4n@enotuniq.net>
- Re: auth log full with
  - From: Joe <joe@jretrading.com>
- Re: auth log full with
  - From: Lee <ler762@gmail.com>

References:
- auth log full with
  - From: "Maurizio Caloro" <maurizio@caloro.ch>
- Re: auth log full with
  - From: Reco <recoverym4n@enotuniq.net>
- AW: auth log full with
  - From: "Maurizio Caloro" <maurizio@caloro.ch>
- Re: auth log full with
  - From: Reco <recoverym4n@enotuniq.net>

Prev by Date: Re: auth log full with
Next by Date: Re: netperf / MIT License is not open source?
Previous by thread: Re: auth log full with
Next by thread: Re: auth log full with
Index(es):
- Date
- Thread