My server was getting brute forced, no problem they were going slow and easy - didn't raise load any. BUT I kept getting emails from BFD saying they were already banned??????????? Hours later!!!!!!!!!!!!!!
WTF!!!!!!!!!!!!!!!
Anyway the banned address was 87-114-60-69.serverpronto.com which doesn't actually resolve. However on checking the messages log I found the IP to be 69.60.114.87
so I
apf -d 69.60.114.87
and that seems to have solved the problem.
Anyway it's interesting that someone has come up with a way to fool APF & BFD into NOT banning them, so they can do brute forces till the cows come home...
Maybe it's time I upgraded my APF...
Anyway I thought this might be of interest to other server owners.
WTF!!!!!!!!!!!!!!!
Anyway the banned address was 87-114-60-69.serverpronto.com which doesn't actually resolve. However on checking the messages log I found the IP to be 69.60.114.87
so I
apf -d 69.60.114.87
and that seems to have solved the problem.
Anyway it's interesting that someone has come up with a way to fool APF & BFD into NOT banning them, so they can do brute forces till the cows come home...
Maybe it's time I upgraded my APF...
Anyway I thought this might be of interest to other server owners.
