[CentOS] Crashing Nameservers

[Jim Perrin]

> Seems I'm experiencing a DoS against vsftp login. Anybody got a good way
> to limit the number of failed login attempts by one IP address?
>

While it's not specific against the one ip address, you can use the
--limit option of iptables to restrict ftp connection attempts to a
max set rate.

For example: --limit 5/minute would slow things down considerably.
There's also --limit-burst and a couple other options that would help
out.

--
Jim Perrin
System Architect - UIT
Ft Gordon & US Army Signal Center