This was sent to me regarding the wiki. ---------- Forwarded message ---------- From: "Martin Koníček" <mkonicek12 at gmail.com> Date: Mar 7, 2013 4:44 AM Subject: mistake on Securing SSH To: <timothy.ty.lee at gmail.com> Cc: Hi TImothy, I saw wiki http://wiki.centos.org/HowTos/Network/SecuringSSH and it is pretty good, but there is a mistake. *Instead of having* iptables -A INPUT -p tcp --dport 22 -m recent --set --name ssh --rsource iptables -A INPUT -p tcp --dport 22 -m recent ! --rcheck --seconds 60 --hitcount 4 --name ssh --rsource -j ACCEPT *You should have* iptables -A INPUT -p tcp --dport 22 *-m state --state NEW* -m recent --set --name ssh --rsource iptables -A INPUT -p tcp --dport 22 *-m state --state NEW* -m recent ! --rcheck --seconds 60 --hitcount 4 --name ssh --rsource -j ACCEPT Brgds. -- Martin -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos-docs/attachments/20130307/85af321c/attachment-0002.html>