> AMP Admin wrote: >> Does anyone use iptables or something to defend against attacks? Like >> if x amount of requests per x amount of time send away. If so I would >> love some examples. Thanks! > > Probably based on Glenn English's work (in another email) I found this > during a brute force search with Google. It blocks the ssh > script-kiddies really well. > > You may be able to modify for your purposes. > > I have used denyhosts and fail2ban but found this did the most good with > the least effort. I'm thinking of modifying it to use TARPIT instead of > DROP to make the script-kiddies pay more for even trying. >
I've had excellent results with fail2ban, although I only use it for clearly unwanted actions like relay attempts, extended dictionary attacks, or bounce-back spam attempts. OTOH, I'd never use it for generally "spammy" looking mail, since some legitimate emails get huge spam scores until the system "learns" them. Terry
