The C is correct In reference is written:
A service called Fail2ban can mitigate this problem by creating rules that automatically alter your iptables firewall configuration based on a predefined number of unsuccessful login attempts. This will allow your server to respond to illegitimate access attempts without intervention from you.
Qouting usandoati: The C is correct In reference is written:
A service called Fail2ban can mitigate this problem by creating rules that automatically alter your iptables firewall configuration based on a predefined number of unsuccessful login attempts. This will allow your server to respond to illegitimate access attempts without intervention from you.
The C is correct
In reference is written: Fail2ban can mitigate this problem by creating rules that automatically alter your iptables firewall configuration based on a predefined number of unsuccessful login attempts.
B is correct, due to [sshd] configuration in /etc/fail2ban/jail.conf file.
After installing the utility, there is a new configuration directory: /etc/fail2ban. The primary configuration file is the /etc/fail2ban/jail.conf file.
In addition, there are sections for different jails. For example, you can have a section that relates to SSH connections, like the following:
[sshd]
enabled = true
maxretry = 3
This is a simple example and there are many other possible features you can use in the section. For example, you could create a custom action rule, including sending someone an e-mail in the event the rule is used to block an IP address:
[sshd]
enabled = true
maxretry = 3
action = iptables[name=SSH, port=ssh, protocol=tcp]
sendmail-whois[name=SSH, dest=root, [email protected]]
The action setting tells the fail2ban daemon what actions to take. The actions are normally defined in the /etc/fail2ban/action.d/iptables.conf file.
Its's right that you have to configure the SSH service with Fail2ban in order Fail2ban can alter incoming connection to SSH, but at the end of the day Fail2ban blocks offending SSH clients by creating and mantaining netfilter rules, so the correct answer is C.
Armina, in your config you see "action = iptables" which means, fail2ban uses iptables to create a firewall block rule - which is Answer C.
upvoted 3 times
...
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Admingui
Highly Voted 4 years, 1 month agousandoati
Highly Voted 4 years, 1 month agoLantos
Most Recent 1 year, 4 months agoserlan
1 year, 9 months agoserlan
1 year, 9 months agoserlan
1 year, 9 months agomira_
1 year, 11 months agogranatapfel
1 year, 12 months agoschif
2 years, 4 months agoArmina
2 years, 7 months agojorgevisentini
7 months, 3 weeks agoMaikyCR28
1 year agogranatapfel
1 year, 12 months ago