On 31 December 2011 03:16, jdow <[email protected]> wrote: > On 2011/12/30 18:05, MT Julianto wrote: > >> On 30 December 2011 14:22, jdow <[email protected] <mailto: >> [email protected]>> >> >> This allows me to typo the password. All I have to do is wait a couple >> minutes >> between tries >> >> Is it the same as fail2ban with setting: maxretry=1 ? >> > > I don't know. I learned of fail2ban from the BSD mailing list long after > I'd > learned that iptables trick. I feel more comfortable with the iptables > trick > since it is right there instantly rather than with any log reading delays. > It even prevents two attempts from the same address if the first one was > successful, which is not something I've ever wanted to do. It's one less > piece of software on the system. It means I had to learn iptables a bit. >
If I were you, I will do that same :-) It is always a great pleasure to use our own tricks and to keep learning about it. I learned the trick on one of the Red Hat lists about a decade ago. > I wish have a chance someday to learn iptables... Regards, -Tito.
