Repeated offenses by the same client address will accrue greater penalties, up to a configurable maximum. A PerSourcePenaltyExemptList option allows certain address ranges to be exempt from all penalties. We hope these options will make it significantly more difficult for attackers to find accounts with weak/guessable passwords or exploit bugs in sshd(8) itself.
Nice rate limiting
In the old days we called it tar pitting.
Tell me in the old days there were other things that could happen. Like feathering somebody after tar pitting. I dont know what that would’ve meant. Maybe servers ridiculing an attacker or something.
Tar pitting sounds way more fun than rate limiting >.>
I think it’s supposed to evoke an image of an animal getting trapped in a tarpit.
IIRC, originally it was adding a delay on SMTP connections to keep spammers busy.
https://verifalia.com/help/email-validations/what-is-smtp-tarpitting
Like feathering somebody after tar pitting. I dont know what that would’ve meant. Maybe servers ridiculing an attacker or something
Could be a feature where servers would add your IP to a list, and send it to the clients (like a list somewhere in case of a website)
Then clients would start sending random metasploit-esk requests to those IPS
First time I hear that term, interesting
You should look into it. Network tarpitting has an interesting history.
So we‘re making fail2ban obsolete for this usecase?
Yes, if that’s the only reason one is using
fail2ban
. Honestly, I won’t miss it.