tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: fail2ban for NetBSD-based routers & networks

The key question for me is not just banning peer host on a given host from
reading its logs, but forwarding host ban information to my router in an
authenticated (and possibly encrypted) manner such that the offending host's
packets never reach my LAN at all for the duration of the ban.

One answer is to forward logs (ah, syslog ...) to the router for it to parse
directly, but that has issues, too. I'd argue that the data reduction
should be done on the attacked host.

        Erik <>

Home | Main Index | Thread Index | Old Index