- cross-posted to:
- technews@radiation.party
- cross-posted to:
- technews@radiation.party
There is a discussion on Hacker News, but feel free to comment here as well.
This or similar software is basically required is you have an SSH server accessible over the internet
Don't make the mistake I did and assume that your server is too small or inconsequential to get hacked - a hacking attempt is a matter of "if" not when, but turning off password Auth and adding fail2ban will get you locked up tight
In the early days of my home server I remember looking at the logs and just watching them scroll with failed attempts. It was just a small box for messing about on with a dynamic IP. Older and wiser now.
Old software that can actually be superceded by some newer tech if someone feels like doing so.
Easy to use, lots of documentation. 10/10
Suricata + fail2ban has served me well
These days I would recommend CrowdSec over fail2ban.
Does CrowdSec have abuseipdb.com integration (and endorsement)?