Using its standard configuration, how does fail2ban block offending SSH clients?



A. By rejecting connections due to its role as a proxy in front of SSHD.
B. By modifying and adjusting the SSHD configuration.
C. By creating and maintaining netfilter rules.
D. By creating null routes that drop any answer packets sent to the client.
E. By modifying and adjusting the TCP Wrapper configuration for SSHD.

題解

「fail2ban」可以用來掃描記錄檔,來檢查密碼嘗試次數過過多的IP位址,並且將其阻擋。其阻擋的方式是透過修改防火牆規則來達成。

所以答案是選項「C」。