Skip to content
Better HN
Top
Best
Ask
Show
New
Jobs
Search
⌘K
0 points
oynqr
4y ago
0 comments
Save
Share
fail2ban is such a clumsy solution when one can just disable password authentication and change the default port.
0 comments
1 comments · 1 top-level
top
newest
oldest
kmbfjr
4y ago
It is. If you really want to get after the password scans, iptables and connection tracking. After N number of new connection requests, drop for X minutes.
Any IPs that are trusted, put ahead of that logic.
j
/
k
navigate · click thread line to collapse
