Progress migrating to list
joe at begriffs.com
Sun Sep 30 17:37:44 UTC 2018
> > I should also write up the story about how Joe helped me fend off
> > hackers when we configured fail2ban for postfix.
> I certainly want the story on that. Type it up and put in on your weblog.
> Or, send it in an email and it will be archived here -- I guess. Or, we
> can host a weblog of sorts on frostbyte.
I learned that in true OpenBSD style, they have stateful packet
filtering  built right into pf, which means I can implement similar
functionality on this BSD box as we did on your machine, but without
the extra moving parts of fail2ban.  This technique doesn't involve
looking at log files for offending lines, but simply tracks how many
connections a host is making in what time period, and adds the host to a
block list above a threshold.
Luckily I haven't seen evil traffic in my logs yet... Probably only a
matter of time.
More information about the Friends