Hi Chris,
On Thu, Dec 13, 2012 at 05:25:26PM +0000, Chris Dennis wrote:
But I've discovered that fail2ban doesn't know
about IPv6 (yet),
which seems to leave a fairly big hole in the security.
Someone has forked Fail2Ban to add IPv6 support:
https://github.com/Th4nat0s/fail2ban
so hopefully it won't be too long coming.
I must admit I don't have an IPv6 SSH dictionary attack
countermeasure myself at the moment. However, across 40 of my
IPv6-enabled hosts there have been a total of only four failed
attempts to log in from an IPv6 host. Some of those logs go back
three years...
Is there an IPv6-aware alternative? A quick search
reveals autofwd
(
http://freecode.com/projects/autofwd), but I'd like to hear some
opinions about it before I try it.
Not tried that one. It looks pretty good though not present in
Debian archive (I see there are some Debian packages provided
though)
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting