You must log in or register to comment.
The thing about fail2ban is that it’s only affective against automated scans and script kiddies, and if you keep things updated and configured correctly then they aren’t a threat. Any adversary that can break encryption or exploit a zero day can also get around fail2ban.
Port knocking or gtfo
Fr tho why does no one do port knocking? I know its not a comprehensive solution but it’s a pretty cool component imo.
If you set it up wrong or the service fails to start; you’ll need to use a console to recover.
Most people don’t even know about serial console servers
https://www.jpaul.me/2019/01/how-to-build-a-raspberry-pi-serial-console-server-with-ser2net/
