Hacker News new | past | comments | ask | show | jobs | submit login

From what? Generally fail2ban only exposes unnecessary attack surface while providing zero benefit.



How does fail2ban expose attack surface?


It's code running on partially attacker-controlled inputs. It several times had vulnerabilities that allowed an attacker to trigger blocks for arbitrary IPs.


I remember there's a privEsc on old versions of fail2ban.


Do you remember roughly when the privEsc was?

https://www.cvedetails.com/vulnerability-list/vendor_id-5567...


Sketchy parsers operating on untrusted, unstructured log data.

fail2ban is worse than useless.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: