[prev in list] [next in list] [prev in thread] [next in thread] 

List:       debian-devel
Subject:    Re: Debian openssh option review: considering splitting out GSS-API key exchange
From:       Marco d'Itri <md () Linux ! IT>
Date:       2024-04-02 10:04:26
Message-ID: ZgvYKq0RMRNagEP2 () bongo ! bofh ! it
[Download RAW message or body]


On Apr 02, Colin Watson <cjwatson@debian.org> wrote:

> At the time, denyhosts was popular, but it was removed from Debian
> several years ago.  I remember that, when I dealt with that on my own
> systems, fail2ban seemed like the obvious replacement, and my impression
> is that it's pretty widely used nowadays; it's very pluggable but it
> normally works by adding firewall rules.  Are there any similar popular
> systems left that rely on editing /etc/hosts.deny?
Yes, people. I object to removing TCP wrappers support since the patch 
is tiny and it supports use cases like DNS-based ACLs which cannot be 
supported by L3 firewalls.

-- 
ciao,
Marco

["signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]