More fail2ban questions
Chong Yu Meng
chongym
Wed Aug 2 20:38:20 PDT 2006
This is (probably) for David, but I think the rest of us may benefit
from his edifying answers, so I am posting my question here.
In the fail2ban configuration file, there is a ignoreip setting. I'm not
sure I understand what should be listed there. Should I list the IP
addresses that fail2ban should not check (i.e. authentication errors for
that IP will be ignored, and the IP will never be banned) or should I
list all the IPs I am blacklisting?
The reason I ask is that there is an IP originating in India that was
spoofing an unused IP address on the same subnet as my server, and
trying to login. I'd rather that fail2ban checks every IP address
including those on the same subnet. Does that mean that I should leave
the setting blank?
Thanks in Advance !
--
Pascal Chong
email: chongym at cymulacrum.net
web: http://cymulacrum.net
pgp: http://cymulacrum.net/pgp/cymulacrum.asc
"La science ne conna?t pas de fronti?re parce que la connaissance
appartient ? l?humanit?. et que c?est la flamme qui illumine le monde."
-- Louis Pasteur
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://mail.linux-sxs.org/pipermail/linux-users/attachments/20060803/b55fa824/attachment-0001.pgp
More information about the Linux-users
mailing list