[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Fudcon - Items for discussion



Luke Macken wrote:

During the summit Warren proposed a few security policies for our publictest* machines, which we all agreed on:

	o must get approval from infrastructure team
	o denyhosts must be configured
	o ssh key authentication only

I use SSH public key authentication on all my servers (password authentication disabled) and I used to run DenyHosts. At some point I decided to replace DenyHosts with Fail2ban [1], because Fail2ban creates (temporary) iptables rules instead of (temporary) entries in / etc/hosts.deny. Have you compared the two?

Nils Breunese.

[1] http://fail2ban.sourceforge.net/

Attachment: PGP.sig
Description: Dit deel van het bericht is digitaal ondertekend


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]