Benjamin, I think the Adaptive Ban AIF plugin has been the most useful, works like Fail2Ban does.
The ids-protection AIF plugin uses iptable's "recent" module, while it could also be useful it looks like it takes some tuning to both be effective and not block wanted traffic. Possibly researching iptable's "recent" module may help you understand it. Lonnie On Jan 4, 2014, at 7:23 PM, Benjamin L. Naber wrote: > I'd like to be pointed where I can find more info about the IDS > protection program/application used in Astlinux. > > Specifically, I'd like to know how to automatically ban IPs that > Astlinux/IPTABLES reports as an IDS violation, unless Astlinux already > does it... and see a list of blocked IPs so I know auto-ban is working. > > I visited Arno's site, and unless it's under my nose where I can't see, > info about IDS is lacking. > > ~Benjamin ------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk _______________________________________________ Astlinux-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [email protected].
