[CentOS-docs] Error in SecuringSSH Iptables Description
Ned Slider
ned at unixmail.co.uk
Sat Dec 28 20:06:27 UTC 2013
On 28/12/13 17:57, Eli L. wrote:
> The description for the iptables -m limit rule is incorrect[1], and I don't
> have edit permissions to fix it:
>
> "The first line will accept new connections on port 22 provided that IP
> address hasn't made more than 3 connection attempts in the last minute."
>
> Should read more like:
>
> "The first line will accept new connections on port 22 provided there
> haven't been more than 3 connection attempts across all clients in the last
> minute."
>
> Important distinction as it opens you up to being denied login when anyone
> tries to brute force.
> Might be worth dropping the limit example altogether since the preceding -m
> recent example is far safer.
>
> --
> -Eli
>
>
> [1] Third set of rules on
> http://wiki.centos.org/HowTos/Network/SecuringSSH#head-a296ec93e31637aa349538be07b37f67d836688a
>
>

Many thanks for the feedback. As you say, that example doesn't really add anything over and above the first example so as suggested I've removed it.
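
The distinction raised in this thread, as an added example that is not part of the original messages or the wiki page: a simplified Python model of one shared `-m limit` token bucket versus per-address `-m recent` tracking, run over constructed connection attempts. The 3-per-minute rate, burst of 3, 60-second window, function names and addresses are assumptions made for the illustration.

```python
from collections import defaultdict, deque

def limit_global(events, rate_per_min=3, burst=3):
    """Model of -m limit: ONE token bucket shared by every source address."""
    # Tokens are kept in 1/60ths so integer timestamps give exact arithmetic.
    tokens, last, out = burst * 60, None, []
    for t, src in events:
        if last is not None:
            tokens = min(burst * 60, tokens + (t - last) * rate_per_min)
        last = t
        ok = tokens >= 60
        if ok:
            tokens -= 60
        out.append((t, src, ok))
    return out

def recent_per_source(events, seconds=60, max_new=3):
    """Model of per-address -m recent tracking: each source has its own window."""
    seen, out = defaultdict(deque), []
    for t, src in events:
        q = seen[src]
        while q and t - q[0] >= seconds:
            q.popleft()
        q.append(t)  # every attempt is recorded, whether accepted or not
        out.append((t, src, len(q) <= max_new))
    return out

def accepted(results, src):
    """Timestamps at which connections from src were accepted."""
    return [t for t, s, ok in results if s == src and ok]

# Constructed traffic (documentation addresses): one address retrying port 22
# every 5 s for two minutes, plus a single legitimate login attempt at t=62 s.
SCANNER, ADMIN = "203.0.113.7", "198.51.100.20"
EVENTS = sorted([(t, SCANNER) for t in range(0, 120, 5)] + [(62, ADMIN)])

if __name__ == "__main__":
    for name, model in (("limit", limit_global), ("recent", recent_per_source)):
        res = model(EVENTS)
        print(f"{name:6} admin accepted at {accepted(res, ADMIN)}, "
              f"scanner accepted {len(accepted(res, SCANNER))} times")
```

Under the shared bucket the administrator's only attempt is refused because the other address has already spent the tokens; with per-address tracking the administrator connects and the repeating address is held to its first three attempts.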