[CentOS] Re: IPTables Blocking Brute Forcers
Sudev Barar
sbarar at gmail.com
Fri Nov 17 01:39:31 UTC 2006
On 17/11/06, Steve Snyder <swsnyder at insightbb.com> wrote:
> On Thursday 16 November 2006 12:10 pm, Brian Marshall wrote:
> [snip]
> > Does anyone have suggestions on how I can script IPTables or put some
> > other security measure in place that could detect brute-forcing and
> > reject from their IP?
>
> You can use IPTables to limit the rate of connections. I allow only 2
> connections from a given IP address within each 3 minute period.
>
> That allows for a quick retry when I mis-type the password, but makes for
> a very sloooooooow brute force attack. Most script kiddies aren't
> willing to put in that kind of time on a single target. I hardly ever
> see more than 2 attempts to crack my box now.
I know this is sloppy and lazy but can you post your iptables line
that does this?
--
Regards,
Sudev Barar
More information about the CentOS
mailing list