Prankur Chauhan <prankur.chauha...@gmail.com> writes: > Is it possible to identify a malicious IP who is trying multiple times > authentication requests with wrong credentials and increase the > response time for each subsequent auth request, consequently also lock > him/her out for some duration? > > Do you guys know if snmpd can be configured to work with tools such as > fail2ban?
A few things: 1. With the right debugging flags turned on (try -Dusm) you might be able to watch for failures and create a fail2ban hook to provide fail2ban with new jail entries. 2. But my importantly, you should never ever have an snmp agent (of any kind) connected to the internet without a firewall in front of it that restricts access to only trusted IP addresses. This generally is true for any SNMP or other management control protocol -- they should be accessible only from internal networks. -- Wes Hardaker Please mail all replies to net-snmp-coders@lists.sourceforge.net _______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
