[Firewall] IDS Functionality
gcooper at sonoracomm.com
Fri Feb 14 16:14:09 CET 2014
I hope this isn't a stupid question or one that's been answered already...
I am in the process of upgrading a hosting platform to new hardware in a new
datacenter. Basically, I'm talking about Virtualmin on CentOS 6 bastion
hosts (no forwarding).
Last year, I had terrible problems with botnets. Still do. I had to get
really ugly by making Apache throw errors at specific (rather benign) URLs
and then using Fail2Ban to firewall off the IP addresses at the very first
error. I had to add RAM and CPU and I still ended up with an
under-performing web/mail server with many thousands of DROP rules. It was
NOT fun and I had to spend too much time configuring a less than perfect
So, now that I'm upgrading, I wanted to ask it you all know of a better
solution? Is there any easy-to-integrate-with-AFW IDS?
Sonora Communications, Inc.
1215 E. Pennsylvania Street
Tucson, AZ 85714
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 4258 bytes
Desc: S/MIME Cryptographic Signature
More information about the Firewall