- cross-posted to:
- librebyte@lemmy.ml
- cross-posted to:
- librebyte@lemmy.ml
You must log in or register to comment.
The thing about fail2ban is that it’s only affective against automated scans and script kiddies, and if you keep things updated and configured correctly then they aren’t a threat. Any adversary that can break encryption or exploit a zero day can also get around fail2ban.
deleted by creator
Fr tho why does no one do port knocking? I know its not a comprehensive solution but it’s a pretty cool component imo.
Port knocking is cool, but tunneling everything through ssh or a VPN (with strong keys, not passwords) is more secure.
deleted by creator
