On Tue, 5 Jan 2016 09:09:22 -0500 Alex <mysqlstud...@gmail.com> wrote:
> I agree with what you've said from the perspective of a security
> professional and a "good Internet neighbor". However, we have a
> default-deny policy on our firewall.

That's your decision and there's nothing wrong with it as such.
However, you said:

  "I can't think of any reason a legitimate attempt would be made to
   communicate with that address"

and there are plenty of entirely legitimate reasons for scanning.
There is no reason to be disturbed by scanning per se.

Regardless, if you already have a firewall policy you feel
comfortable with and it blocks everything by default (which is
entirely reasonable), there's no need to use fail2ban to prevent
scanning. The real function of fail2ban is to prevent abuse of ports
that you are leaving open for some good reason (say ssh or smtp
submission).

Perry
-- 
Perry E. Metzger                pe...@piermont.com

------------------------------------------------------------------------------
_______________________________________________
Fail2ban-users mailing list
Fail2ban-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fail2ban-users
