|
|
|
|
|
|
by djengineerllc
4868 days ago
|
|
|
I'm using fail2ban on one of our linux servers. I have a bunch of fail2ban reports that I can run that lists all ips being blocked, how they were blocked, etc. A lot of times if we get multiple ips being blocked from china (and elsewhere) on the same subnet, I'll just block the entire subnet. |
|
|
Of course if you KNOW you have no users in e.g. China, no harm in blocking them, but any skilled attacker in China is not going to appear to be in China, from your vantage point.