[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Savannah-hackers-public] Getting git errors with http URLs
From: |
Bob Proulx |
Subject: |
Re: [Savannah-hackers-public] Getting git errors with http URLs |
Date: |
Sun, 19 Aug 2018 14:37:28 -0600 |
User-agent: |
Mutt/1.10.1 (2018-07-13) |
Bob Proulx wrote:
> ... distributed attacks such as this they can be quite difficult to
> avoid. I started looking in depth last night but unfortunately my
> first attemps to mitigate this didn't help significantly.
It looks like I was actually making some headway. I am tweaking
fail2ban to detect the IP addresses used in the attack and having it
block those addresses. However one danger I am tyring to avoid is
blocking valid users. But anyway this is the current block stats at
this time.
address@hidden:~# fail2ban-client status nginx-viewvc
Status for the jail: nginx-viewvc
|- filter
| |- File list: /var/log/nginx/access.log
| |- Currently failed: 6
| `- Total failed: 66586
`- action
|- Currently banned: 1
| `- IP list: ...
`- Total banned: 3371
address@hidden:~# fail2ban-client status nginx-cgit
Status for the jail: nginx-cgit
|- filter
| |- File list: /var/log/nginx/access.log
| |- Currently failed: 912
| `- Total failed: 267559
`- action
|- Currently banned: 510
| `- IP list: ...
`- Total banned: 40454
40454 plus 3371! Some offenders do repeat. A quick scan shows 9428
unique addresses in the attack.
The above has only been running overnight. Yet even though it is
making headway it is still not agressive enough. Tweaking.
Bob