Comment on CrowdSec vs Fail2Ban - What to use?
SirMaple__@lemmy.ca 3 days agoI’ve been thinking about going this route. What size subnet are you blocking? /24?
Only thing stopping me is I selfhost email and don’t want to ban say a whole subnet from Microsoft/Azure and end up blocking the outgoing servers for O365. I’m sure I can dig around and look at the prefixes to see which are used for which of their services just haven’t had the time yet.
mbirth@lemmy.ml 3 days ago
I let CrowdSec determine that. I’m seeing
/13
,/12
and even/10
in my decisions list. All seem to be Amazon AWS ranges.sudneo@lemm.ee 3 days ago
Wow, those are big networks. Obviously I suppose in case of AWS it doesn’t matter as no human visitor (except maybe some VPN connection?) will visit from there.
As someone who bans /32 IPs only, is the main advantage resource consumption?