[ryanlol]

From what? Generally fail2ban only exposes unnecessary attack surface while providing zero benefit.

[omgwtfbyobbq]

How does fail2ban expose attack surface?

[detaro]

It's code running on partially attacker-controlled inputs. It several times had vulnerabilities that allowed an attacker to trigger blocks for arbitrary IPs.

[cyc115]

I remember there's a privEsc on old versions of fail2ban.

[omgwtfbyobbq]

Do you remember roughly when the privEsc was?

https://www.cvedetails.com/vulnerability-list/vendor_id-5567...

[ryanlol]

Sketchy parsers operating on untrusted, unstructured log data.

fail2ban is worse than useless.