dbxe
/
fusionpbx-install.sh
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
fusionpbx-install.sh/debian/resources
History
emaktech a33131c8be Ban on auth failure instead of challenge (#113) 
Default fail2ban DoS ruleset looks for auth challenges, but auth challenges can be either successful or unsuccessful. Default rule causes problems with larger environments with many registered devices as they have many successful auth challenges with short registration periods.

By the time auth challenges can be made successfully in volume, it's far too late to be worrying about a DoS or brute force attempt - it's already too late. Rule change here will reduce false positives while still providing same level of useful protection.

Maybe also consider reducing maxretry count or increasing findtime in jail.local to catch true failed auth brute force or DoS attempts more easily in conjunction with above change.

This will be more sensitive in detection and should carry lower false positive rate.
 		2017-09-02 09:09:07 -06:00
..
backup Update fusionpbx-maintenance.sh 2017-08-18 11:21:06 -06:00
fail2ban Ban on auth failure instead of challenge (#113) 2017-09-02 09:09:07 -06:00
fusionpbx update the file permissions 2017-03-05 06:11:42 +00:00
letsencrypt update the file permissions 2017-03-05 06:11:42 +00:00
nginx Update fusionpbx 2017-08-16 14:59:11 -06:00
postgresql Change systemctl to service command. 2017-08-02 11:42:53 -06:00
switch Update source-systemd.sh (#115) 2017-09-02 09:07:22 -06:00
arguments.sh Fix to issue #76 - Use php5 for some dists with new command-line switch (#77) 2017-02-28 09:32:26 -07:00
colors.sh Add execute permissions to the remaining .sh scripts 2016-08-21 16:15:47 +00:00
config.sh Easy disabling of LetsEncrypt folders (#109) 2017-08-09 02:04:45 -05:00
environment.sh Update environment.sh 2017-03-05 11:05:17 -07:00
fail2ban.sh Update fail2ban.sh 2017-03-05 21:36:40 -07:00
finish.sh Update finish.sh 2017-07-29 11:20:22 -06:00
fusionpbx.sh add 'at' as a requirred package (#101) 2017-06-10 11:50:59 -06:00
iptables.sh Update iptables.sh 2017-03-23 14:51:08 -06:00
letsencrypt.sh Update letsencrypt.sh 2017-05-21 00:23:41 -06:00
nginx.sh Easy disabling of LetsEncrypt folders (#109) 2017-08-09 02:04:45 -05:00
php.sh Update php.sh 2017-03-05 21:43:04 -07:00
postgres.sh Update postgres.sh 2017-05-15 18:22:33 -06:00
random.sh Fix file permissions 2017-05-16 00:04:42 +00:00
reboot_phones.sh update the file permissions 2017-03-05 06:11:42 +00:00
reset_admin_password.sh Enhance - add reset_admin_password.sh (#102) 2017-07-29 13:59:40 -06:00
sngrep.sh Update sngrep.sh 2017-05-14 22:25:30 -06:00
switch.sh update the file permissions 2017-03-05 06:11:42 +00:00