cybersecurity

4800 readers

60 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 2 years ago

MODERATORS

shellsharks

tweedge

Handling malicious requests with fail2ban (sergiocipriano.com)

submitted 2 weeks ago by cm0002@lemmy.world to c/cybersecurity

5 comments fedilink hide all child comments

top 5 comments

sorted by: hot top controversial new old

[–] Ajen@sh.itjust.works 3 points 2 weeks ago

The thing about fail2ban is that it's only affective against automated scans and script kiddies, and if you keep things updated and configured correctly then they aren't a threat. Any adversary that can break encryption or exploit a zero day can also get around fail2ban.

[–] bacon_pdp@lemmy.world 1 points 2 weeks ago (1 children)

Port knocking or gtfo

[–] adminofoz@lemmy.cafe 1 points 2 weeks ago (2 children)

Fr tho why does no one do port knocking? I know its not a comprehensive solution but it's a pretty cool component imo.

[–] Ajen@sh.itjust.works 1 points 2 weeks ago

Port knocking is cool, but tunneling everything through ssh or a VPN (with strong keys, not passwords) is more secure.

[–] bacon_pdp@lemmy.world 0 points 2 weeks ago

If you set it up wrong or the service fails to start; you’ll need to use a console to recover.

Most people don’t even know about serial console servers

https://www.jpaul.me/2019/01/how-to-build-a-raspberry-pi-serial-console-server-with-ser2net/