On Thu, 30 Aug 2018 05:49:58 -0500 o1bigtenor <[email protected]> wrote: > On Thu, Aug 30, 2018 at 4:13 AM, ac via talk <[email protected]> wrote: > > yeah, this is the reason why I do not usually respond to this type > > of post... security is a wide and varying topic. and opinions are > > held by all and sundry. > > just for the record though: what i said was: fail2ban is not the > > right tool > > not that it cannot do it... > Greetings > As someone who is trying to learn about security and feeling that the > curve is moving far faster than I can I hope it is not inappropriate > that I as - - - what would be the 'right' tool for this job? > the op originally mentioned an amplification, it also depends on ingress/egress (hijacked AS / routing qos / etc etc) and any number of other issues. running name servers is also a whole topic on its own as there is never one answer, but on ppp i would just use rate limit in bind.conf - i guess on a single name servers and with no load / production / other value based issue, it does not really matter if you do use anything.
hth Andre --- Talk Mailing List [email protected] https://gtalug.org/mailman/listinfo/talk
