On Tue, 19 Dec 2017 07:00:00 +0300, "Alexey Vissarionov"
wrote:
>Good ${greeting_time}, Joaquim!
>
>18 Dec 2017 21:40:18, you wrote to me:
>
> av>> Very dangerous thing... However, it makes some fun to
> av>> use it against the admin^Widiot who installed it :-)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> JH> I'm curious ... why is fail2ban dangerous?
>
>Didn't you read the message before answering it?
>
>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5642
>and some others discovered since that.
Is it an accident that you omitted to say that there were only 3 CVE
announcements since CVE-2012-5642 and those were over 4 years ago or
are you just scaremongering?
The only options you offer are to block CIDR (which can be done
manully after fail2ban picks up some common CIDRS worth blocking) and
rate limiting which fail2ban does by way of blocking anyway.
--- SBBSecho 3.03-Linux
* Origin: End Of The Line BBS - endofthelinebbs.com (1:124/5016)
|