Error in SecuringSSH Iptables Description

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The description for the iptables -m limit rule is incorrect[1], and I don't have edit permissions to fix it:

"The first line will accept new connections on port 22 provided that IP address hasn't made more than 3 connection attempts in the last minute."

Should read more like:

"The first line will accept new connections on port 22 provided there haven't been more than 3 connection attempts across all clients in the last minute."

Important distinction as it opens you up to being denied login when anyone tries to brute force.
Might be worth dropping the limit example altogether since the preceding -m recent example is far safer.

--
-Eli


[1] Third set of rules on http://wiki.centos.org/HowTos/Network/SecuringSSH#head-a296ec93e31637aa349538be07b37f67d836688a
_______________________________________________
CentOS-docs mailing list
CentOS-docs@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos-docs

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Users]     [CentOS Virtualization]     [Linux Media]     [Asterisk]     [Netdev]     [X.org]     [Xfree86]     [Linux USB]     [Project Hail Cloud Computing]

  Powered by Linux