 |
Post AjVj3IEByhvnylLuRE by [email protected] |
 |
More posts by [email protected] |
|
Post #AjVj3EzC219PvNJO8u by [email protected] |
|
0 likes, 1 repeats |
|
|
|
With CVE-2024-6387, why isn't anyone talking about fail2ban?#OpenSSH #cve_2… |
|
|
|
Post #AjVj3F6Hbep2HMd3C4 by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@thomzane We are! mastodon.social/@Viss/112712217279846315 |
|
|
|
Post #AjVj3HHhUB8x3LzCGe by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Can't fail 10,000 logins, if you are blocked after 3 and don't have a b… |
|
|
|
Post #AjVj3IEByhvnylLuRE by [email protected] |
|
0 likes, 0 repeats |
|
|
|
By this point, your distro should have the patch ready so update openssh-server… |
|
|
|
Post #AjVj6NJnVau6dSRaC0 by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@thomzane I mean, you could also drop it with a simple rule in any reasonable f… |
|
|
|
Post #AjVjjKQiBKNwyFFhku by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@thomzane In linux world, nftables does it nicely with: this sort of construct:… |
|
|
|
Post #AjVkndKTxJ5QhOxHIO by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mttaggart @thomzane But if fail2ban has no logs to work on, what about simple … |
|
|
|
Post #AjVkndQ9cDciyzbo8W by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@jesterchen @thomzane Not sure if you were able to go through that whole thread… |
|
|
|
Post #AjVkxpMo3UT8vcu3f6 by [email protected] |
|
0 likes, 2 repeats |
|
|
|
@thomzane 10.000 requests with a different IPs via a botnet cost 200$ (price fr… |
|
|
|
Post #AjVpCrZmWUmBwOOh0K by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@thomzane serious attackers aren't constrained to single IP addresses anymo… |
|
|
|
Post #AjVpCsplqX9zqGsyZ6 by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@riking @thomzane however, the entire premise is contingent on accurate timing,… |
|
|
|
Post #AjWFie9MZekmNKr9fs by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@thomzane also consider sipped - https://www.daemonology.net/blog/2012-08-30-pr… |
|
|
|
Post #AjWFmPJhfKT9WsUCdk by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@thomzane also consider spiped - https://www.daemonology.net/blog/2012-08-30-pr… |
|
|
|
Post #AjYeCeEPcdWiX0ybYm by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@Flyingmana Can $200 worth of purchased botnet credits do more than flood a sit… |
|
|
|
Post #AjYeCevf1q7ah9D8yG by [email protected] |
|
0 likes, 2 repeats |
|
|
|
@thomzane the most expensive part is the IP, depending on the service you use, … |
