>>>>> "M" == Mike <t...@rohms.com> writes: M> It would be nice to have some kind of shared attack list we could M> use, like DNSRBL.
blocklist.de publishes several. fail2ban already has support for reporting your bans to them; see the documentation in the default jail.conf. You just need to get an API key from the blocklist.de site to set things up. That is one nice feature that denyhosts has; any host running it can communicate with a server and coordinate blocking with all other hosts who do the same. Originally that server was proprietary but since the API is public someone else ended up writing their own server. Sadly denyhosts went somewhat moribund and I lost track of it. Technically there probably isn't much from stopping fail2ban from using the same server software in some way if someone wanted to write the code. Though I'm not sure if fail2ban has any way to pull a set of addresses to block from an external source. - J< _______________________________________________ Fail2ban-users mailing list Fail2ban-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fail2ban-users
