Comment by lillecarl

7 months ago

Manual banning is about the same since you just book /56 or bigger, entire providers or countries.

Automated banning is harder, you'd probably want a heuristic system and look up info on IPs.

IPv4 with NAT means you can "overban" too.

3 comments

lillecarl

Reply
malfist  7 months ago

Why wouldn't something like fail2ban not work here? That's what it's built for and has been around for eons.

  • ozim  7 months ago

    Fun part was that fail2ban had RCE vulnerability. So you were more secure not running it now it should be fixed but can you be sure?