Re: banning, was Re: Non-user logins?

2022-01-08 Thread Dave McGuire
in place at any time seem very high compared to the few attacks I see. Sigh. I don't "experiment" with production networks. I set up a banning policy that works for the attack patterns that I see in my logs, and that works with my user base. As I explained to the other

Sv: banning

2022-01-08 Thread Sebastian Nielsen
I would say, lock accounts to for example IP address, ASN or GeoIP. This can be accomplished simply by a custom login handler, which also checks IP against database. And first time users, and those who change country/ISP/IP have to simply logon to a web interface (where 2FA can be required and

Re: banning

2022-01-08 Thread dc-ml
On 08.01.22 at 17:22, Dave McGuire wrote: > I wasn't asking for a critique of my configuration; I explained my > approach to a new user who came here looking for help. huh? well, I don't think that anyone wanted to say anything about _your_ configuration, but wanted to supplement, that you

Re: banning, was Re: Non-user logins?

2022-01-08 Thread John Fawcett
compared to the few attacks I see. Sigh. I don't "experiment" with production networks. I set up a banning policy that works for the attack patterns that I see in my logs, and that works with my user base. As I explained to the other guy who decided that how I run my network is

Re: banning, was Re: Non-user logins?

2022-01-08 Thread Ken Wright
On Sat, 2022-01-08 at 11:22 -0500, Dave McGuire wrote: > I wasn't asking for a critique of my configuration; I explained my > approach to a new user who came here looking for help. > > Which is the last time I'll do THAT on this list, by the way. Dave, on behalf of all the n00bs who come he

banning, was Re: Non-user logins?

2022-01-08 Thread Dave McGuire
I don't "experiment" with production networks. I set up a banning policy that works for the attack patterns that I see in my logs, and that works with my user base. As I explained to the other guy who decided that how I run my network is wrong, I'm not new at this. Any

banning, was Re: Non-user logins?

2022-01-08 Thread Dave McGuire
On 1/8/22 8:26 AM, dc...@dvl.werbittewas.de wrote: trying to mess with other people's stuff. I run fail2ban to catch those log entries and block the source IP address for a month on the first failed login. At any one time I have between 12,000 and 15,000 well, I don't know how _your_ users ar