Re: Error in SecuringSSH Iptables Description


 



On 28/12/13 17:57, Eli L. wrote:
> The description for the iptables -m limit rule is incorrect[1], and I don't
> have edit permissions to fix it:
>
> "The first line will accept new connections on port 22 provided that IP
> address hasn't made more than 3 connection attempts in the last minute."
>
> Should read more like:
>
> "The first line will accept new connections on port 22 provided there
> haven't been more than 3 connection attempts across all clients in the last
> minute."
>
> Important distinction as it opens you up to being denied login when anyone
> tries to brute force.
> Might be worth dropping the limit example altogether since the preceding -m
> recent example is far safer.
>
> --
> -Eli
>
>
> [1] Third set of rules on
> http://wiki.centos.org/HowTos/Network/SecuringSSH#head-a296ec93e31637aa349538be07b37f67d836688a
>
>

Many thanks for the feedback.

As you say, that example doesn't really add anything over and above the 
first example so as suggested I've removed it.





_______________________________________________
CentOS-docs mailing list
CentOS-docs@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos-docs
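
An added illustration of the distinction raised in this thread (not code from the wiki or from either poster): a simplified Python model comparing one shared `-m limit` bucket with per-source `-m recent` tracking. The parameters (3/min with burst 3; 60 seconds with hitcount 4), the addresses and the traffic are constructed assumptions.

```python
from collections import defaultdict

class GlobalLimit:
    """Simplified model of `-m limit`: one token bucket shared by every source."""
    def __init__(self, per_minute=3, burst=3):
        self.cost = 60 // per_minute      # seconds of credit one match costs
        self.cap = burst * self.cost      # bucket never holds more than the burst
        self.credit, self.last = self.cap, 0

    def accept(self, t, src):             # src is ignored: the match is not per-IP
        self.credit = min(self.cap, self.credit + (t - self.last))
        self.last = t
        if self.credit >= self.cost:
            self.credit -= self.cost
            return True
        return False

class PerSourceRecent:
    """Simplified model of `-m recent` keyed on source address: record every
    new connection, accept unless this source has hitcount hits in the window."""
    def __init__(self, seconds=60, hitcount=4):
        self.seconds, self.hitcount = seconds, hitcount
        self.seen = defaultdict(list)

    def accept(self, t, src):
        hits = [ts for ts in self.seen[src] if t - ts < self.seconds]
        hits.append(t)                    # the current attempt is counted too
        self.seen[src] = hits
        return len(hits) < self.hitcount

def simulate(matcher, events):
    """Return {source: [times of accepted new connections]}."""
    accepted = defaultdict(list)
    for t, src in sorted(events):
        if matcher.accept(t, src):
            accepted[src].append(t)
    return accepted

# Constructed traffic: one source retries every 2 s for two minutes,
# and a legitimate admin makes a single connection at t=61.
NOISY, ADMIN = "203.0.113.5", "198.51.100.7"
EVENTS = [(t, NOISY) for t in range(0, 120, 2)] + [(61, ADMIN)]

if __name__ == "__main__":
    for matcher in (GlobalLimit(), PerSourceRecent()):
        result = simulate(matcher, EVENTS)
        print(type(matcher).__name__, "admin accepted:", result[ADMIN],
              "noisy accepted:", result[NOISY])
```

In this model the shared bucket is always drained by the noisy source, so the admin's single attempt is dropped, while per-source tracking lets it through and caps the noisy source at three accepted attempts.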



