Hi everyone ...

Thinking about how to enhance security in DNS servers I found something called "fail2ban", and it looks interesting ....

Question: does it work with Shorewall? The reason is that all the DNS servers that I am responsible for run Shorewall as a firewall ...

My distribution of choice is Debian and I am starting to migrate all of them to Lenny.

Thanks in advance ...

Fábio Rabelo

Fábio Rabelo wrote:
> Thinking about how to enhance security in DNS
> servers I found something called "fail2ban",
> and it looks interesting ....
> Question: does it work with Shorewall?
> The reason is that all the DNS servers that I am
> responsible for run Shorewall as a firewall ...

"works with" is not really a valid concept, "works alongside" is more like it, and yes it will - with one caveat. If you reload Shorewall, then you need to restart fail2ban as Shorewall will have trampled all over the iptables rules and disabled the chain that fail2ban relies on.

I've added a command to one of the Shorewall config files so that it will reload fail2ban after running.

--
Simon Hobson

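The caveat in the reply above, as an added example that is not part of the original thread: a check that reads `iptables-save` output and reports whether fail2ban's chains are still declared and still jumped to after a Shorewall reload. The chain prefixes (`fail2ban-` in older releases, `f2b-` in newer ones), the function name and the two sample dumps are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: detect that a firewall reload has removed fail2ban's hooks.
# Assumption: fail2ban chains are named fail2ban-<jail> or f2b-<jail>.

# Reads `iptables-save` output on stdin.
# Prints "MISSING" if no fail2ban chain is declared, or "UNHOOKED <chain>"
# for a declared chain that no rule jumps to. Exit status 1 on any finding.
f2b_chain_status() {
    awk '
        /^:(fail2ban-|f2b-)/ { declared[substr($1, 2)] = 1 }
        /^-A / {
            for (i = 3; i < NF; i++)
                if (($i == "-j" || $i == "-g") && $(i + 1) ~ /^(fail2ban-|f2b-)/)
                    hooked[$(i + 1)] = 1
        }
        END {
            n = 0; bad = 0
            for (c in declared) {
                n++
                if (!(c in hooked)) { print "UNHOOKED " c; bad = 1 }
            }
            if (n == 0) { print "MISSING"; bad = 1 }
            exit bad
        }'
}

# Constructed sample: fail2ban running normally, one banned address.
SAMPLE_OK='*filter
:INPUT ACCEPT [0:0]
:fail2ban-ssh - [0:0]
-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-ssh
-A fail2ban-ssh -s 192.0.2.10/32 -j DROP
-A fail2ban-ssh -j RETURN
COMMIT'

# Constructed sample: ruleset rebuilt by the firewall, fail2ban chain gone.
SAMPLE_RELOADED='*filter
:INPUT DROP [0:0]
:net2fw - [0:0]
-A INPUT -i eth0 -j net2fw
COMMIT'

# Live use (needs root): sh thisfile.sh --check
if [ "${1:-}" = "--check" ]; then
    iptables-save | f2b_chain_status || echo "fail2ban hooks gone: restart fail2ban"
fi
```

Run after every Shorewall reload, a non-zero status is the signal that fail2ban needs restarting before its bans take effect again.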
Fábio Rabelo wrote:
> Hi everyone ...
> Thinking about how to enhance security in DNS servers I found something
> called "fail2ban", and it looks interesting ....
> Question: does it work with Shorewall?
> The reason is that all the DNS servers that I am responsible for run Shorewall
> as a firewall ...
> My distribution of choice is Debian and I am starting to migrate all of
> them to Lenny.

If you are thinking of having fail2ban look for rejected /IN/NS/. queries and banning the senders, a better choice is to use the DNSDDOS action available at http://www.shorewall.net/pub/shorewall/contrib/DNSDDOS. It simply drops the bogus queries and lets all other UDP DNS traffic through.

Wow!!

That's great ... thanks!

It looks like exactly what I am looking for, trying and evaluating very soon ...

Thanks again ...

Fábio Rabelo

2009/2/17 Shorewall Guy <shorewalljunky@comcast.net>:
> If you are thinking of having fail2ban look for rejected /IN/NS/.
> queries and banning the senders, a better choice is to use the DNSDDOS
> action available at
> http://www.shorewall.net/pub/shorewall/contrib/DNSDDOS. It simply drops
> the bogus queries and lets all other UDP DNS traffic through.