[CentOS] Simple IPTABLES Question
Jussi Hirvi
greenspot at greenspot.fi
Wed Aug 20 10:49:52 UTC 2008
Matt (lm7812 at gmail.com) wrote (19.8.2008 17:33):
> I added these rules to IPTABLES to slow brute force attacks.
>
> iptables -A INPUT -p tcp --dport 22 -s my_subnet/24 -j ACCEPT
> iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH
> iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 5 --rttl --name SSH -j DROP

Hi,

I use fail2ban to prevent brute force attacks. Much simpler. :-)

Fail2ban keeps blacklists of IPs that have failed authentication too many times. What counts as "too many", and the duration of the blacklisting, can be configured easily in /etc/fail2ban.conf.

I think I installed fail2ban simply using yum. Maybe it was in dag or rpmforge, don't remember exactly now.

- Jussi

--
Jussi Hirvi * Green Spot
Topeliuksenkatu 15 C * 00250 Helsinki * Finland
Tel. & fax +358 9 493 981 * Mobile +358 40 771 2098 (only sms)
jussi.hirvi at greenspot.fi * http://www.greenspot.fi
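The log-driven blacklisting Jussi describes (ban a source after too many failed logins inside a time window, release it after a ban period, never ban a trusted subnet) is shown below as an added worked example. It is not fail2ban's own code and not part of the original thread: it is a small model of that logic run over constructed sshd log lines, with maxretry/findtime set to mirror the --hitcount 5 / --seconds 60 of Matt's iptables rules and an ignoreip whitelist playing the role of his first ACCEPT rule. The log lines, the addresses (documentation ranges), the year assumed for the syslog timestamps and the 600-second ban time are all assumptions made for the example.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sshd log lines in syslog format (made up for this example, not
# from a real host). 203.0.113.5 fails fast, 192.0.2.10 sits in the trusted
# subnet, 203.0.113.9 fails slowly (one attempt per minute), and 203.0.113.5
# returns once its ban has expired.
SAMPLE_LOG = """\
Aug 20 10:00:01 host sshd[1001]: Failed password for root from 203.0.113.5 port 40001 ssh2
Aug 20 10:00:02 host sshd[1002]: Failed password for root from 203.0.113.5 port 40002 ssh2
Aug 20 10:00:02 host sshd[1003]: Failed password for alice from 198.51.100.7 port 50001 ssh2
Aug 20 10:00:03 host sshd[1004]: Failed password for invalid user admin from 203.0.113.5 port 40003 ssh2
Aug 20 10:00:04 host sshd[1005]: Failed password for invalid user admin from 203.0.113.5 port 40004 ssh2
Aug 20 10:00:05 host sshd[1006]: Failed password for root from 203.0.113.5 port 40005 ssh2
Aug 20 10:00:06 host sshd[1007]: Failed password for root from 203.0.113.5 port 40006 ssh2
Aug 20 10:00:10 host sshd[1008]: Accepted password for alice from 198.51.100.7 port 50001 ssh2
Aug 20 10:01:01 host sshd[1009]: Failed password for bob from 192.0.2.10 port 51001 ssh2
Aug 20 10:01:02 host sshd[1010]: Failed password for bob from 192.0.2.10 port 51002 ssh2
Aug 20 10:01:03 host sshd[1011]: Failed password for bob from 192.0.2.10 port 51003 ssh2
Aug 20 10:01:04 host sshd[1012]: Failed password for bob from 192.0.2.10 port 51004 ssh2
Aug 20 10:01:05 host sshd[1013]: Failed password for bob from 192.0.2.10 port 51005 ssh2
Aug 20 10:01:06 host sshd[1014]: Failed password for bob from 192.0.2.10 port 51006 ssh2
Aug 20 10:02:00 host sshd[1015]: Failed password for root from 203.0.113.9 port 42001 ssh2
Aug 20 10:03:00 host sshd[1016]: Failed password for root from 203.0.113.9 port 42002 ssh2
Aug 20 10:04:00 host sshd[1017]: Failed password for root from 203.0.113.9 port 42003 ssh2
Aug 20 10:05:00 host sshd[1018]: Failed password for root from 203.0.113.9 port 42004 ssh2
Aug 20 10:06:00 host sshd[1019]: Failed password for root from 203.0.113.9 port 42005 ssh2
Aug 20 10:11:00 host sshd[1020]: Failed password for root from 203.0.113.5 port 40007 ssh2
"""

# Matches OpenSSH "Failed password" lines, with or without "invalid user".
FAILED_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (?P<ip>[0-9a-fA-F.:]+) port \d+ ssh2$"
)

LOG_YEAR = 2008  # assumed: syslog timestamps carry no year


def parse_failed_login(line):
    """Return (timestamp, source_ip) for a failed-password line, else None."""
    m = FAILED_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%b %d %H:%M:%S").replace(year=LOG_YEAR)
    return ts, m.group("ip")


class Jail:
    """Sliding-window failure counter with timed bans and a whitelist."""

    def __init__(self, maxretry=5, findtime=60, bantime=600, ignoreip=()):
        self.maxretry = maxretry
        self.findtime = timedelta(seconds=findtime)
        self.bantime = timedelta(seconds=bantime)
        self.ignore_nets = [ipaddress.ip_network(n) for n in ignoreip]
        self.failures = defaultdict(deque)  # ip -> failure times inside findtime
        self.banned = {}                     # ip -> ban expiry time
        self.bans = []                       # (ip, banned_at, expires_at), in order

    def is_ignored(self, ip):
        addr = ipaddress.ip_address(ip)
        return any(addr in net for net in self.ignore_nets)

    def is_banned(self, ip, now):
        # An expired ban is lifted and the failure history starts fresh.
        expiry = self.banned.get(ip)
        if expiry is None:
            return False
        if now >= expiry:
            del self.banned[ip]
            self.failures.pop(ip, None)
            return False
        return True

    def observe(self, ts, ip):
        """Feed one failed login; return True if it triggered a ban."""
        if self.is_ignored(ip) or self.is_banned(ip, ts):
            return False
        window = self.failures[ip]
        window.append(ts)
        while ts - window[0] > self.findtime:  # drop failures older than findtime
            window.popleft()
        if len(window) >= self.maxretry:
            expiry = ts + self.bantime
            self.banned[ip] = expiry
            self.bans.append((ip, ts, expiry))
            window.clear()
            return True
        return False


def run_jail(log_text, **settings):
    """Replay a log through a Jail and return it for inspection."""
    jail = Jail(**settings)
    for line in log_text.splitlines():
        parsed = parse_failed_login(line)
        if parsed:
            jail.observe(*parsed)
    return jail


if __name__ == "__main__":
    jail = run_jail(SAMPLE_LOG, ignoreip=["192.0.2.0/24"])
    for ip, at, until in jail.bans:
        print(f"ban {ip} at {at:%H:%M:%S} until {until:%H:%M:%S}")
```

With the whitelist in place only 203.0.113.5 is banned (on its fifth failure at 10:00:05, released at 10:10:05, so its 10:11:00 attempt starts a fresh count); the trusted host is never banned no matter how often it fails, and the one-attempt-per-minute source never accumulates five failures inside a 60-second findtime. Raising findtime to 600 catches that slow source too, which is the trade-off Jussi alludes to when he says the thresholds are what you configure.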