This website is hosted on my own dedicated server (a kimsufi) and like every server, it’s getting regularly attacked.
To identify those attacks, I needed to add a layer of security to ban recurrent attempt, this layer is Fail2ban. It’s a widely known and recognized python script that analyses your log file to ban repetitive failed authentication.
I had enough of getting the same IP banned, and found only a simple script that add a new action to fail2ban: Tarpit.
If you are not sure what the tarpit target is or why you would want to use it, a basic explanation is that you send unwanted TCP traffic to the tarpit target with iptables. All connections are accepted and immediately switched to the persist state. The remote side stops sending data and asks to continue every 60-240 seconds and attempts to close the connections from the remote side are ignored. The connection will then timeout in 12-24 minutes.
I'm basically born with a computer ; I've been dabbling with computers since I'm 6 year old.
I love technology and do my best to share all that I learn in this blog. You'll find here blog post about the tech that I use, or I used ; the different project I work on. It'll always be related to technology in a way or in another. Read More…