notohh/snowflake
notohh/snowflake
1
0
Fork 0
Code Issues Pull requests Projects 1 Releases Packages Wiki Activity

sec: recommended aggressive ids on edge #1

New issue
Closed
opened 2023-06-24 18:36:23 -04:00 by Ghost · 2 comments
Ghost commented 2023-06-24 18:36:23 -04:00
Copy link

ef82734585/modules/security.nix (L52)

since you're already setting ignoreip👍

 	    ignoreIP = [
	      "192.168.0.0/16"
	      "172.16.0.0/12"
	      "10.0.0.0/8"
	      "5.161.181.184"
	    ];

here are some recommended settings for global config:

findtime = 100000
bantime  = 100000
maxretry = 1
mode = aggressive

this keeps the noise from the bots+scanners on the internet and the skids with scriptz at bay.

https://git.notohh.dev/notohh/snowflake/src/commit/ef82734585759868abe0cc5ec3f7a81e6bcc4914/modules/security.nix#L52 since you're already setting `ignoreip`👍 ```` ignoreIP = [ "192.168.0.0/16" "172.16.0.0/12" "10.0.0.0/8" "5.161.181.184" ]; ```` here are some recommended settings for global config: ```` findtime = 100000 bantime = 100000 maxretry = 1 mode = aggressive ```` this keeps the noise from the bots+scanners on the internet and the skids with scriptz at bay.
notohh commented 2023-06-24 19:00:15 -04:00
Owner
Copy link

awesome! will put this in the config asap

awesome! will put this in the config asap
notohh commented 2023-06-25 11:09:32 -04:00
Owner
Copy link

added

added
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
No results found.
Labels
Clear labels   
area/documentation

   
area/networking

   
bug

   
feature
  
host
ame

  
host
arashi

  
host
kariru

  
host
kaze

  
host
sakura

  
hosts
all

  
host
sora

  
host
tsuki

  
host
tsuru

  
host
yuki

  
priority
1
low

  
priority
2
medium

  
priority
3
high

  
status
blocked

  
status
needs-research

  
styling

   
treewide
No labels
area/documentation
area/networking
bug
feature
host
ame
host
arashi
host
kariru
host
kaze
host
sakura
hosts
all
host
sora
host
tsuki
host
tsuru
host
yuki
priority
1
priority
2
priority
3
status
blocked
status
needs-research
styling
treewide
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: notohh/snowflake#1
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?