Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso

Using Fail2Ban with Greengrass Secure Tunnel Component

0

We would like to secure our edge devices with Fail2Ban, https://github.com/fail2ban/fail2ban, without blocking the AWS Greengrass V2 Component for Secure Tunnel. Is there any guidance as to how to configure our fail2ban to not block the secure tunnel ?

1 Respuesta
1
Respuesta aceptada

I am not aware of such guidance, and didn't find any in a quick search - which might be an indication that it doesn't exist. Generally speaking, Secure tunneling uses a client/device-initiated tunneling, which means that you don't need any inbound ports open as long as established connections are allowed. See also here for more details. That being said, fail2ban should not block those as long as it's only applied on inbound connections. Also, if you don't require any inbound connections, I would recommend to not open any inbound port, but only allow the outbound plus established / related connections.

profile pictureAWS
respondido hace un año
profile picture
EXPERTO
revisado hace 6 meses

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas