Port knocking or gtfo
Handling malicious requests with fail2ban
Submitted 4 weeks ago by cm0002@lemmy.world to cybersecurity@infosec.pub
https://sergiocipriano.com/fail2ban.html
Comments
bacon_pdp@lemmy.world 4 weeks ago
adminofoz@lemmy.cafe 4 weeks ago
Fr tho why does no one do port knocking? I know its not a comprehensive solution but it’s a pretty cool component imo.
Ajen@sh.itjust.works 4 weeks ago
Port knocking is cool, but tunneling everything through ssh or a VPN (with strong keys, not passwords) is more secure.
bacon_pdp@lemmy.world 4 weeks ago
If you set it up wrong or the service fails to start; you’ll need to use a console to recover.
Most people don’t even know about serial console servers
Ajen@sh.itjust.works 4 weeks ago
The thing about fail2ban is that it’s only affective against automated scans and script kiddies, and if you keep things updated and configured correctly then they aren’t a threat. Any adversary that can break encryption or exploit a zero day can also get around fail2ban.