[CentOS] Ideas for stopping ssh brute force attacks
Spiro Harvey, Knossos Networks Ltd
spiro at knossos.net.nzMon Jul 21 21:30:16 UTC 2008
- Previous message: [CentOS] Ideas for stopping ssh brute force attacks
- Next message: [CentOS] Ideas for stopping ssh brute force attacks
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> iptables -N SSHSCAN > iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j SSHSCAN > iptables -A SSHSCAN -m recent --set --name SSH > iptables -A SSHSCAN -m recent --update --seconds 300 --hitcount 3 --name SSH > -j DROP hey, this is awesome. we're currently filtering log files looking for multiple failed connections, then adding them to iptables for a few minutes. this is much cleaner. :) thanks. -- Spiro Harvey Knossos Networks Ltd 021-295-1923 www.knossos.net.nz
- Previous message: [CentOS] Ideas for stopping ssh brute force attacks
- Next message: [CentOS] Ideas for stopping ssh brute force attacks
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list