On 07:09, Fri 17 Nov 06, Sudev Barar wrote: > >You can use IPTables to limit the rate of connections. I allow only 2 > >connections from a given IP address within each 3 minute period. > > I know this is sloppy and lazy but can you post your iptables line > that does this? Something like: # Don't have a limit on my_trusted_domain iptables -A INPUT -p tcp -s my_trusted_domain.org --dport 22 -j ACCEPT # Don't have a limit the internal net iptables -A INPUT -p tcp -s internal_net --dport 22 -j ACCEPT iptables -A INPUT -p tcp --dport 22 -m limit --limit 2/minute --limit-burst 1 -j ACCEPT iptables -A INPUT -p tcp --dport 22 -j REJECT --reject-with tcp-reset Search iptables manual page for limit :). Sarunas _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: IPTables Blocking Brute Forcers
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: CentOS mailing list <centos@xxxxxxxxxx>
- Subject: Re: [CentOS] Re: IPTables Blocking Brute Forcers
- From: Sarunas Vancevicius <svan@xxxxxxxxxxxxxxx>
- Date: Tue, 21 Nov 2006 10:05:12 +0000
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <774593a20611161739r62cbf5cbj767ac2306372720e@xxxxxxxxxxxxxx>
- References: <C181E97F.529A%brian@xxxxxxxx> <200611161336.50126.swsnyder@xxxxxxxxxxxxx> <774593a20611161739r62cbf5cbj767ac2306372720e@xxxxxxxxxxxxxx>
- User-agent: Mutt/1.5.11
- References:
- [CentOS] Re: IPTables Blocking Brute Forcers
- From: Brian Marshall
- Re: [CentOS] Re: IPTables Blocking Brute Forcers
- From: Steve Snyder
- Re: [CentOS] Re: IPTables Blocking Brute Forcers
- From: Sudev Barar
- [CentOS] Re: IPTables Blocking Brute Forcers
- Prev by Date: [CentOS] Postfix: postconf warning on install with yum
- Next by Date: Re: [CentOS] Postfix: postconf warning on install with yum
- Previous by thread: Re: [CentOS] Re: IPTables Blocking Brute Forcers
- Next by thread: [CentOS] System crashed & LVM1
- Index(es):
 |