Blog GL2i

User Tools

Site Tools

Trace:
en:security:reaction

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
en:security:reaction [2024/08/08 21:28] – [Odds always win] lonclegren:security:reaction [2024/08/13 21:58] (current) lonclegr
Line 27: Line 27:
 ===== New architecture ===== ===== New architecture =====
  
-In this new architecture, I introduced a new server "Bastion SSH Server" which will have only SSH server and [[https://blog.ppom.me/en-reaction/|reaction]].+In this new architecture, I introduced a new server "Bastion SSH Server" which has only SSH server and [[https://blog.ppom.me/en-reaction/|reaction]].
  
 {{ :en:security:architecture-one-server-access-with-bastion.png?direct&600 |Architecture with Bastion SSH server}} {{ :en:security:architecture-one-server-access-with-bastion.png?direct&600 |Architecture with Bastion SSH server}}
Line 118: Line 118:
 </code> </code>
  
-and the config file for SSH+and the config file for SSH based on [[https://reaction.ppom.me/filters/ssh.html|official documentation]]
  
 <code> <code>
Line 131: Line 131:
         regex:         regex:
           - 'authentication failure;.*rhost=<ip>'           - 'authentication failure;.*rhost=<ip>'
 +          - 'Connection (reset|closed) by (authenticating|invalid) user .* <ip>'
 +          - 'Failed password for .* from <ip>'
 +
         retry: 3         retry: 3
         retryperiod: '3h'         retryperiod: '3h'
en/security/reaction.1723166903.txt.gz · Last modified: 2024/08/08 21:28 by lonclegr