From 85ca5389bb168eaccf3307ae9efd47a1539ccaf1 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Thu, 23 Feb 2023 16:38:11 +0100 Subject: [PATCH] chg: [blog] minor typo fixed --- content/blog/MISP-fail2ban-integration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/blog/MISP-fail2ban-integration.md b/content/blog/MISP-fail2ban-integration.md index 00ad0b6..de58ffe 100644 --- a/content/blog/MISP-fail2ban-integration.md +++ b/content/blog/MISP-fail2ban-integration.md @@ -19,7 +19,7 @@ So far, so good, so known. The question is, why should we stop there? We could easily (seriously!) push those offending IP addresses into a MISP, share the information with the world and keep those bloody attackers out of way more machines than only the one we run fail2ban on. Or we can use the collected information for correlation purposes and for retrospective views in forensic investigations. -If a MISP server is reachable, production machines can use this immediately to feed the Thread Sharing platform. +If a MISP server is reachable, production machines can use this immediately to feed the Threat Intelligence Sharing platform. And we can also easily set up a honeypot, and don't tolerate any invalid login attempt. Block it immediately, share it immediately.