[SR-Users] dictionary attacks
Iñaki Baz Castillo
ibc at aliax.net
Sun Oct 24 18:18:40 CEST 2010
2010/10/24 Daniel-Constantin Mierla <miconda at gmail.com>:
> Using fail2ban together with IP tables has the advantage of dropping the
> packets before getting to application and eating cpu
I have a testing platfotm with Kamailio and fail2ban working more or
less as explained in this thread. But I wonder if fail2ban is a good
idea as it works inspecting regular expressions in each line of the
log. Is it good enough and feasible under high traffic? wouldn't
fail2ban eat too much CPU by inspecting the log file? Just wondering.
Of course, the perfect solution would be Kamailio acting as fail2ban.
This is, "pike" module inserting dynamic rules in iptables. Opinnions?
--
Iñaki Baz Castillo
<ibc at aliax.net>
More information about the sr-users
mailing list