[CentOS] [WTA] Automatically blocking on failed login
Matt
lm7812 at gmail.comMon May 24 18:48:54 UTC 2010
- Previous message: [CentOS] [WTA] Automatically blocking on failed login
- Next message: [CentOS] [WTA] Automatically blocking on failed login
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> Hello All, > I had problems with the security server, the server is frequently attacked > using bruteforce attacks. Is there an application that can perform automatic > blocking when there are failed login to the ports smtp, pop3 port, and > others? > > I am currently using CentOS 5.5 in some servers > Thanks in advanced....... This is very simple and works great. Have done it on about 5 servers now. iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 3 --rttl --name SSH -j LOG --log-prefix 'SSH attack: ' iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 3 --rttl --name SSH -j DROP http://kevin.vanzonneveld.net/techblog/article/block_brute_force_attacks_with_iptables/ Matt
- Previous message: [CentOS] [WTA] Automatically blocking on failed login
- Next message: [CentOS] [WTA] Automatically blocking on failed login
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list