
Just a sample of the Echomail archive

Cooperative anarchy at its finest, still active today. Darkrealms is the Zone 1 Hub.

   LINUX      Torvalds farts & fans know what he ate      8,232 messages   


   Message 5,314 of 8,232   
   Joaquim Homrighausen to Alexey Vissarionov   
   Alternative(s) to ipset on OpenVZ   
   18 Dec 17 21:40:18   
   
    av> Very dangerous thing... However, it makes some fun to use it   
    av> against the admin^Widiot who installed it :-)   
      
   I'm curious ... why is fail2ban dangerous?   
      
    av> Being a security expert, I know (and use; and, obviously,   
    av> recommend) better method: limit the number of connections per   
    av> minute to 2 or 3, thus making any and all bruteforce attacks   
    av> time-ineffective.   
      
   I don't see why these are mutually exclusive ... but maybe I'm not an expert   
   enough. If you use key-only authentication for SSH (for example), it makes   
   perfect sense to add someone to a ban list for 15-600 minutes if they fail 3   
   times (for example).   
      
   I quite often legitimately connect with 2-3-4 SSH sessions to the same server   
   within a few minutes, but they don't fail of course :)   
      
      
      
    -joho   
      
   ---   
    * Origin: code.code.code (2:20/4609)   
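
Added example, not part of the original message or of fail2ban: a small simulation of the two policies discussed above (a cap of 3 new connections per minute per source, and a 15-minute ban after 3 failed logins), run over constructed connection events. The addresses, timings and function names are assumptions made for illustration.

```python
from collections import defaultdict, deque

ADMIN, GUESSER = "198.51.100.7", "203.0.113.9"   # documentation addresses

# Constructed events (seconds, source, auth_ok): the admin opens four sessions
# inside one minute; the guesser fails once every 25 s for ten minutes.
EVENTS = sorted([(t, ADMIN, True) for t in (0, 20, 45, 50)] +
                [(t, GUESSER, False) for t in range(5, 600, 25)])

def rate_limit(events, limit=3, window=60):
    """Accept at most `limit` new connections per source per `window` seconds."""
    recent, accepted = defaultdict(deque), []
    for t, ip, ok in events:
        q = recent[ip]
        while q and t - q[0] >= window:      # forget connections older than the window
            q.popleft()
        if len(q) < limit:                   # outcome of the login is never consulted
            q.append(t)
            accepted.append((t, ip, ok))
    return accepted

def fail_ban(events, max_fail=3, find_time=600, ban_time=900):
    """Ban a source for `ban_time` s after `max_fail` failures within `find_time` s."""
    fails, banned_until, accepted = defaultdict(deque), {}, []
    for t, ip, ok in events:
        if t < banned_until.get(ip, 0):      # still banned: dropped before sshd sees it
            continue
        accepted.append((t, ip, ok))
        if not ok:
            q = fails[ip]
            q.append(t)
            while t - q[0] > find_time:      # keep only failures inside find_time
                q.popleft()
            if len(q) >= max_fail:
                banned_until[ip] = t + ban_time
                q.clear()
    return accepted

def per_source(accepted):
    """Count connections that reached the SSH daemon, per source address."""
    counts = defaultdict(int)
    for _, ip, _ in accepted:
        counts[ip] += 1
    return dict(counts)

if __name__ == "__main__":
    print("rate limit only:", per_source(rate_limit(EVENTS)))
    print("ban on failures:", per_source(fail_ban(EVENTS)))
    print("both combined:  ", per_source(fail_ban(rate_limit(EVENTS))))
```

With this sample the rate limit alone drops the admin's fourth session and lets every paced failure through, while the failure-based ban leaves the admin untouched and stops the failing source after three attempts.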



(c) 1994,  bbs@darkrealms.ca