Blocking Postfix traffic using Fail2ban

So if you are reading this then you have probably seen what appears to be every bot in China connecting to your Postfix server to attempt anything from relaying to auth attacking. Well, have I got the solution for you! Now before you implement this, I will warn you, this is very restrictive, it doesn’t… Read more »

Limit SSH connections geographically

There is a real security risk to leaving your shell connection ports exposed to the internet especially if you don’t ever intend on connecting from Zimbabwe as well as other random countries. This can limit brute force attack exposure and also save valuable resources and bandwidth by rejecting a packets before a tcp handshake. Install… Read more »

How to block telnet and SSH on outside interface on Cisco routers

How to block telnet and SSH on outside interface on Cisco routers By default, a lot of Cisco routers allow Telnet and SSH on the outside interface, this can cause a large security risk of being brute force attacked. Ideally Telnet should be blocked completely as it is an unsecure protocol and SSH should only… Read more »

How to install and configure fail2ban on Linux

How to install and configure fail2ban Reducing your attack area is ideal but in the situations where you need to expose services to the wild, you should reduce the effectiveness of attacks, this is where Fail2Ban comes in handy, it constantly reads logs you specify in the configuration file for multiple user pass attempts, if… Read more »