Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
boringuser2
on June 2, 2023
|
parent
|
context
|
favorite
| on:
Brute.Fail: Watch brute force attacks fail in real...
Thinking about it, fail2ban is almost entirely a placebo given that your password should be basically impossible to brute force anyways if you have the knowledge to implement fail2ban.
awestroke
on June 2, 2023
|
next
[–]
It can conserve server resources to just stop responding to brute force attacks
veave
on June 2, 2023
|
parent
|
next
[–]
If your server is a Gameboy, maybe.
blueflow
on June 2, 2023
|
root
|
parent
|
next
[–]
Also disk space - i don't want to keep 500 MB of failed login attempts just to have a week of syslog available.
boringuser2
on June 3, 2023
|
root
|
parent
|
next
[–]
Rotate your logs bud.
Also, suppressing these logs is the same as rapidly rotating new logs.
quickthrower2
on June 3, 2023
|
root
|
parent
|
next
[–]
It is not. Deleting my spam folder is not the same as deleting yesterdays email.
blueflow
on June 3, 2023
|
root
|
parent
|
prev
|
next
[–]
Rotating only splits the data up into N files, not make it consume less space for a week of logs.
veave
on June 3, 2023
|
root
|
parent
|
next
[–]
logrotate compresses logs.
boringuser2
on June 2, 2023
|
root
|
parent
|
prev
|
next
[–]
A Gameboy would probably have the computing resources to do a thousand such calculations a millisecond.
alexchamberlain
on June 2, 2023
|
prev
|
next
[–]
Better: just ban password logins, and use cryptographic keys instead.
quickthrower2
on June 3, 2023
|
parent
|
next
[–]
Use Role Based Access Control
seized
on June 3, 2023
|
prev
[–]
Fail2ban can work on more than just sshd.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
