translating

sources/tech/20130315 How to protect SSH server from brute force attacks using fail2ban.md

@@ -5,7 +5,7 @@ How to protect SSH server from brute force attacks using fail2ban
 ================
 
 One common attack on SSH service is brute force attacks where a remote attacker indefinitely attempts to log in with different passwords. Of course there are arguments against password authentication for SSH, and alternative authentication mechanisms such as [public key authentication][1] or [two-factor authentication][2] exist to obsolete such attacks. Putting aside pros and cons of different authentication methods, let's consider the situation where password authentication is required. How would you protect your SSH server against brute-force attacks?
-对于SSH服务的常见的攻击就是暴力破解攻击--远程攻击者通过不同的密码来进行无限地登录尝试。当然SSH存在参数来防备密码验证以及可用的验证机制，例如[公钥验证][1]或者[双重验证][2]，
+对于SSH服务的常见的攻击就是暴力破解攻击--远程攻击者通过不同的密码来进行无限地登录尝试。当然SSH存在参数来防备密码验证以及可用的验证机制，例如[公钥验证][1]或者[双重验证][2]，存在此类过时的攻击. 将不同的验证方法的优劣处先放在一边,先考虑一下强制密码验证的情形.你是如何保护你的SSH服务器免遭暴力破解攻击的呢?
 
 [fail2ban][3] is a well-known open-source intrusion prevention framework on Linux that monitors various system log files (e.g., /var/log/auth.log or /var/log/secure) and automatically triggers various defensive actions upon detecting any suspicious activities. In fact, fail2ban can be quite useful to defend against brute force password guessing attacks on an SSH server.