On 4/2/19 5:39 PM, @lbutlr wrote:
On 2 Apr 2019, at 14:30, Esteban L <este...@little-beak.com> wrote:
The times are in seconds, so you'll need to calculate those times.
a month is 2629743 seconds. An hour, of course is 3600, but I prefer 86400
which is one day.
BTW, pi seconds is very close to 1 nano century.
I agree with @ibutr that 86400 is a good number. Now to find the where
to change the iptables rule to "-j DROP"
I like to just silently drop the connection. It becomes a sort of
reverse DOS in that they keep opening sockets, but you're effectively
not listening. It's been very effective in my experience. To be sure,
they will keep changing sources once they realize the host is
unreachable from any particular source. If I end up blocking TOR or vpn
users that are trying to do nefarious things, then so be it. I don't
need to waste CPU cycles sending responses. fail2ban is a resource hog
as it is.
Cheers,
Curtis
--
Best Regards Curtis Maurand
mailto:cur...@maurand.com
