--On Monday, June 03, 2019 4:23 PM -0400 Terry Carmen
<te...@cnysupport.com> wrote:
> I run ssh through a VPN tunnel, so the attempts never show up.
>
> I had been banning them, however it ended up turning into a problem
> because my drop rules list was getting huge and causing a performance
> problem.

How many probes do you see against your VPN?

I'm using ipsets for my ban lists to deal with large lists. I've got a big
list adapted from the lists at ipdeny.com to drop all packets to my
authenticated services from non-US addresses. I'm also blocking access from
DigitalOcean and other cloud services. Alas, I have to allow everything to
my web server because Let's Encrypt doesn't make any guarantees about the
source of its identity checks to validate my domain. (Or I could script
temporarily dropping the block to my web server when I'm updating my
certificate.)
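
The ipset approach described in the message above, as an added example that is not part of the original post or the poster's own script: it converts a one-CIDR-per-line zone file (the shape of the ipdeny.com lists) into an `ipset restore` script that fills a temporary set and swaps it in atomically. The set name `us-allow`, the file name `us.zone` and the port in the comments are assumptions.

```shell
#!/bin/sh
# Added example: build an `ipset restore` script from a CIDR list.
# Set name, file name and port in the usage comments are assumptions.

# gen_ipset_restore SETNAME < cidr-list
# Emits commands that fill SETNAME-new, swap it into SETNAME in one step,
# and destroy the temporary set, so the live set is never left half-loaded.
gen_ipset_restore() {
    set_name=$1
    tmp_name="${set_name}-new"
    echo "create ${set_name} hash:net family inet -exist"
    echo "create ${tmp_name} hash:net family inet -exist"
    echo "flush ${tmp_name}"
    # Strip comments and whitespace, then keep only lines shaped like
    # a.b.c.d/0-32 (a shape check only; octet ranges are not verified).
    sed -e 's/#.*//' -e 's/[[:space:]]//g' |
    grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$' |
    sort -u |
    while read -r cidr; do
        echo "add ${tmp_name} ${cidr}"
    done
    echo "swap ${tmp_name} ${set_name}"
    echo "destroy ${tmp_name}"
}

# Usage (as root), with the assumed names:
#   gen_ipset_restore us-allow < us.zone | ipset restore
# A single rule then covers the whole list, instead of one rule per network:
#   iptables -I INPUT -p tcp --dport 22 -m set ! --match-set us-allow src -j DROP
```

Because the kernel looks up the source address in a hash, the cost of the match does not grow with the number of entries the way a long chain of individual DROP rules does.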