On Fri, Oct 9, 2009 at 7:35 PM, Niki Kovacs contact@kikinovak.net wrote:
Hi,
I just set up a web server... and my bandwidth is being eaten by some chinese folks trying to brute-force-ssh their way into the machine.
Is there a simple way to banish either single IP addresses or, maybe even better, whole IP classes ? I know it's feasible with iptables, but is there something more easily configurable ?
Cheers,
Niki _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
The best way is iptables. If you know you dont/wont have any relations within China/Taiwan/etc you could ban whole subnets. It would help to use ipset in conjunction with iptables, just for optimisation's sake :)