[prev in list] [next in list] [prev in thread] [next in thread]
List: debian-devel
Subject: Re: Debian openssh option review: considering splitting out GSS-API key exchange
From: Marco d'Itri <md () Linux ! IT>
Date: 2024-04-02 10:04:26
Message-ID: ZgvYKq0RMRNagEP2 () bongo ! bofh ! it
[Download RAW message or body]
On Apr 02, Colin Watson <cjwatson@debian.org> wrote:
> At the time, denyhosts was popular, but it was removed from Debian
> several years ago. I remember that, when I dealt with that on my own
> systems, fail2ban seemed like the obvious replacement, and my impression
> is that it's pretty widely used nowadays; it's very pluggable but it
> normally works by adding firewall rules. Are there any similar popular
> systems left that rely on editing /etc/hosts.deny?
Yes, people. I object to removing TCP wrappers support since the patch
is tiny and it supports use cases like DNS-based ACLs which cannot be
supported by L3 firewalls.
--
ciao,
Marco
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic