Mayuresh wrote:
I wish to set up a utility that would monitor logs of various services for
a server on the internet and block nasty IPs.
How do above options compare and which one is more common on NetBSD?
So far, I tried using fail2ban and my impressions are: 1. Just too many
dependencies, took long time to build. 2. Using default configuration it
did not appear to do anything precious after watching it for some time
when there were many auth failures seen in authlog.
Mayuresh
A bit late to the party, but py-denyhosts (pkgsrc://security/py-denyhosts) has
worked great on a xen domU I had that didn't have pf support for my usual
pf-based solution.
It uses /etc/hosts.deny and only depends on python.
Staffan
