(www.kkyri.com)

66 points todsacerdoti | 1 comments | 22 Oct 24 00:52 UTC | HN request time: 0.394s | source

Show context

_def ◴[22 Oct 24 02:00 UTC] No.41910445[source]▶

>>41910124 (OP) #

opinions on the suggested fail2ban and ufw?

replies(5): >>41910483 #>>41910485 #>>41910516 #>>41911983 #>>41915979 #

berbec ◴[22 Oct 24 02:07 UTC] No.41910485[source]▶

>>41910445 #

fail2ban is a critical piece of security software, as is some firewall. for those new to linux, you might as well use the one that is super-easy to install.

replies(1): >>41910494 #

tptacek ◴[22 Oct 24 02:09 UTC] No.41910494[source]▶

>>41910485 #

The opposite is true about fail2ban: it's cargo-cult security, and people shouldn't be running it. It never made any sense, but it especially makes no sense if you're going to (sensibly) disable password authentication.

replies(2): >>41911141 #>>41911955 #

1. oliwarner ◴[22 Oct 24 07:15 UTC] No.41911955[source]▶

>>41910494 #

You're talking about it as if it only handles SSH authentication.

It's no substitute for proper security, but it's a great mechanism for quickly dropping naughty traffic. Even people who practice good security have online systems that are occasionally vulnerable to zero days, or have password forms on webapps. Dropping traffic while it's still in discovery mode is a great way to frustrate automated attacks.

↑

How to secure your new VPS: a step-by-step guide