I did a little digging through my various notes and found the following
for limiting SSH connections:
simply limit the amount of connections a host is allowed to the ssh port
iptables -N SSHSCAN
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j SSHSCAN
iptables -A SSHSCAN -m recent --set --name SSH
iptables -A SSHSCAN -m recent --update --seconds 300 --hitcount 3 --name SSH -j DROP
limits each host to 3 connections within 5 minutes. Enough to make bots
stop and still not too annoying for users that mistype their password 3x3 times
======================
But when you 'hand edit' iptables, the firewall GUI gets 'upset'. Also
you would need similar rules for ip6tables.
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
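To see at which attempt the posted SSHSCAN chain starts dropping, and for how long a host stays blocked, here is an added Python model of the two `-m recent` rules (my own illustration, not from the post above). It assumes xt_recent's behaviour as I read it: `--set` records a timestamp for the source, `--update --seconds 300 --hitcount 3` matches when at least 3 stamps fall inside the last 300 seconds and, on a match, records one more stamp; the per-address stamp ring of 20 entries is xt_recent's default.

```python
from collections import defaultdict, deque

WINDOW = 300     # --seconds 300
HITCOUNT = 3     # --hitcount 3
LIST_TOT = 20    # xt_recent default ip_pkt_list_tot: stamps kept per address


class RecentList:
    """Model of one xt_recent table (the '--name SSH' list)."""

    def __init__(self):
        self.stamps = defaultdict(lambda: deque(maxlen=LIST_TOT))

    def set(self, src, now):
        # -m recent --set: add a stamp for this source (creates the entry if new)
        self.stamps[src].append(now)

    def update_matches(self, src, now):
        # -m recent --update --seconds W --hitcount H: match when >= H stamps
        # for src are at most W seconds old; a match records another stamp
        hits = sum(1 for t in self.stamps[src] if now - t <= WINDOW)
        if hits >= HITCOUNT:
            self.stamps[src].append(now)
            return True
        return False


def sshscan(recent, src, now):
    """Walk the SSHSCAN chain for one NEW packet to port 22."""
    recent.set(src, now)
    if recent.update_matches(src, now):
        return "DROP"
    return "ACCEPT"  # falls off the end of SSHSCAN, back into INPUT


def simulate(events):
    """events: (seconds, src) pairs for NEW connections, in time order.
    Returns (seconds, src, verdict) triples."""
    recent = RecentList()
    return [(t, src, sshscan(recent, src, t)) for t, src in events]


if __name__ == "__main__":
    # constructed sample: a bot hammering port 22 next to a user retrying once
    sample = [(0, "bot"), (5, "user"), (10, "bot"), (20, "bot"), (30, "bot"),
              (100, "user"), (200, "bot"), (450, "bot")]
    for t, src, verdict in simulate(sample):
        print(f"t={t:4d}s {src:5s} {verdict}")
```

Because each blocked retry adds a fresh stamp, a host that keeps knocking every few minutes never leaves the window; it is only released after 300 seconds of silence.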