Yeah, you're wrong. With regexp, you can have fail2ban ignore any part of the log file, as in ANYTHING containing text around anything will be caught. You can have fail2ban ban every ip address that shows up in the log!
On 6/10/2010 5:38 PM, fakessh wrote:
"hi dovecot network the principle of fail2ban is repeated for connections with the same login fail2ban does not work if the attack changes to login every time this type of attack is rather to find valid user accounts"
I may be wrong, I hope I too am a victim of this kind of attacks
Yeah, you're wrong. With regexp, you can have fail2ban ignore any part of the log file, as in ANYTHING containing text around anything will be caught. You can have fail2ban ban every ip address that shows up in the log!
