Objection. + Use denyhosts as this is what we're using on the rest of infra.
+ we should talk a bit about whether we want denyhosts on for all cloud boxes or just specific ones. I lean towards enabling it for security but we did envision the cloud hosts being more forgiving than the rest of infra's hosts so we should just take a moment to make sure there's no use cases it's impacting. -Toshio -Toshio On Oct 7, 2013 3:56 AM, "Miroslav Suchý" <[email protected]> wrote: > On 10/07/2013 05:23 AM, Anshu Prateek wrote: > >> Most of these logins are automated bot attempts. On my personal servers, >> one easy way I have found is changing the >> default port to something else and that cuts down my lastb by almost 99%! >> > > Yes, I do that for my personal servers as well (and it works really good). > But I do not think this is good approach in organization when people > fluctuate quite often (think about apprentice group). > > fail2ban looks good, I'm trying it right now. Unless somebody will object > I will add it to ./tasks/cloud_setup_basic.yml > so all cloud images will use it. > > -- > Miroslav Suchy, RHCE, RHCDS > Red Hat, Software Engineer, #brno, #devexp, #fedora-buildsys > ______________________________**_________________ > infrastructure mailing list > infrastructure@lists.**fedoraproject.org<[email protected]> > https://admin.fedoraproject.**org/mailman/listinfo/**infrastructure<https://admin.fedoraproject.org/mailman/listinfo/infrastructure>
_______________________________________________ infrastructure mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/infrastructure
