Subj : Alternative(s) to ipset on OpenVZ
To   : Alexey Vissarionov
From : Joaquim Homrighausen
Date : Mon Dec 18 2017 21:37:46

 av> This never works, as there would always be at least one trojaned
 av> computer in your own country...

It may not be a complete solution, but it might help.

 av> Limiting the number of connections per minute does that (SSH
 av> protection) best. Especially being combined with key-only
 av> authentification (if you choose proper algorithms, of course).

fail2ban (and similar) does a pretty good job of keeping muppets at bay, as 
does rate limiting, indeed.


 -joho

---
 * Origin: code.code.code (2:20/4609)

.