![](https://seccdn.libravatar.org/avatar/065b1b1774363493af32c0a6ce9ff07c.jpg?s=120&d=mm&r=g)
On 01/17/2019 07:38 AM, Bob Williams wrote:
On Thu, 17 Jan 2019 08:15:43 -0500 Patrick Shanahan <paka@opensuse.org> wrote:
* Peter Suetterlin <pit@astro.su.se> [01-17-19 06:15]:
Patrick Shanahan wrote:
if you are not running a server, don't install fail2ban.
Any reasoning for this? I definitely disagree. Anything that has an open ssh port should run it IMHO. And that's more than just servers.... but ssh is a server service, and would definitely be a candidate for employing fail2ban. providing a web service or mail is not the only reason(s) for running a server.
Could you clarify please? If I don't have sshd enabled and active, and only use ssh to connect to other machines, am I running an ssh server? I had always thought not, but this thread is confusing me.
The same applies to rsync and rsyncd.
Bob
Hmmm this thread seems to have gone sideways but I think I got an answer... Since SuSEfirewall is going the way of dinosaurs I suspect my question about the SuSEFirewall2-fail2ban is moot.... Bob, as for the distinction, I would argue that the distinction between servers and desktops, and whether you are running an ssh server or not, lies in whether you are opening up ports on your system to accept incoming connections. If you are just initiating outgoing connections, such as using ssh to connect to other systems, or a mail client like Thunderbird to pick up your email, then you are not running a server. Fail2ban is a support service designed to prevent attacks against a server's services from some idiot who is attempting to gain access by guessing login names and passwords. Therefore it is monitoring incoming connections and thus falls in the realm of being a service/server. Marc... -- Linux Counter -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org