8
Spent 2 days chasing a brute force attack - one simple rule fixed it
Had someone trying to get into my SSH server about 3 weeks ago. Tried fail2ban, changed ports, even locked down keys only. Still saw failed attempts filling up logs. Then a buddy said "just rate limit the connections at the firewall level." Set a simple 3 attempts per minute rule on the router and it killed 99% of the noise. Anybody else found that blocking at the network edge works better than app level stuff?
0 comments
Log in to join the discussion
Log In0 Comments
No comments yet
Be the first to share your thoughts on this discussion.