12 Apr
2019
12 Apr
'19
4:01 p.m.
On Fri April 12 2019 08:41:10 Michael Howard via trinity-users wrote:
Of course it's possible to block millions, if you
have their IPs. It
wouldn't be efficient but then 'millions' are not brute force attacking
my, or your, or deloptes system at any one time. If they were, it would
be pointless anyway. The point is, if you have a regularly updated list
of known spam IPs, which we do, and you use a decent firewall, which I
do, you can prevent a huge amount of brute force attacks by just
dropping the connection.
I'm unclear what you're referring to as your "regularly updated list".
Is this SYN rate limiting or fail2ban or a manually maintained list
or something else?
--Mike