On 3/19/2009, Ed W (li...@wildgooses.com) wrote: > The current attacks against my server are very slow attacks from a > distributed botnet and fail2ban is hardly touching them. I see > dozens of IPs trying at no more than one per minute and it would > appear they swap between smtp and pop ports (I see the same from any > given IP). > > Some IPs seem much more common and fail2ban is occasionally snagging > an IP which spews a bit faster, but sometimes each IP will try only > once or twice a day.
With such slow/limited attacks, as long as you enforce strong passwords, whats the problem? :)
