Jump to content
Security Installer Community

Fail2Ban


james.wilson

Recommended Posts

Posted

I wasn't suggesting you update the server in your trunks LOL I thought you might like to have a swim in the pool after. Have you found your PP yet?

f me it's Barrymore.

Nothing is foolproof to a sufficiently talented fool.


Posted

I work for a small-ish game server host and we primarily use Windows for our boxes. Our public facing hosts mainly were getting hit by RDP brute force/dictionary attacks, even though we changed the RDP ports from the default 3389 to a random port. We solved this by firewalling off RDP connections to limited IPs (internal IPs and a jumpbox ip) using bog standard Windows Firewall on the individual boxes and surprisingly it was incredibly effective. For remote maintenance, we bought a small virtual server from these guys which acts as an SSH jumpbox (with Fail2Ban configured) which all external RDP connections are forced to go through otherwise they get bounced. (Moved to an RDP client which allows for using SSH Jumpboxes like MobaXTerm and all was well!)

 

Get your credentials for the jumpbox wrong 3 times and it's then a pain in the **** call to me to get the IP ban lifted. 

Then we forced 64 character random passwords for all admin/rdp accounts, because we are great people.

Fun, fun... fun?

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.