Re: Simple IPTABLES Question


Matt (lm7812@xxxxxxxxx) wrote (19.8.2008 17:33):

> I added these rules to IPTABLES to slow brute force attacks.
> 
> iptables -A INPUT -p tcp --dport 22 -s my_subnet/24 -j ACCEPT
> iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH
> iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 5 --rttl --name SSH -j DROP

Hi,

I use fail2ban to prevent brute force attacks. Much simpler. :-)

Fail2ban keeps blacklists of IPs that have failed authentication too
many times. What counts as "too many" and the duration of blacklisting can be
configured easily in /etc/fail2ban.conf.

I think I installed fail2ban simply using yum. Maybe it was in dag or
rpmforge, I don't remember exactly now.

- Jussi

--
Jussi Hirvi * Green Spot
Topeliuksenkatu 15 C * 00250 Helsinki * Finland
Tel. & fax +358 9 493 981 * Mobile +358 40 771 2098 (only sms)
jussi.hirvi@xxxxxxxxxxxx * http://www.greenspot.fi

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
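
The mechanism described in the reply above (count authentication failures per source address, then ban the address for a configurable time), sketched as an added example. It is not fail2ban's code and not part of the original post; the log lines, the regex and the parameter names `max_retry`, `find_time` and `ban_time` are assumptions made for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample sshd log lines (documentation addresses, not real data).
SAMPLE_LOG = """\
Aug 19 17:30:01 host sshd[2001]: Failed password for root from 203.0.113.7 port 40001 ssh2
Aug 19 17:30:05 host sshd[2002]: Failed password for invalid user admin from 203.0.113.7 port 40002 ssh2
Aug 19 17:30:09 host sshd[2003]: Failed password for root from 203.0.113.7 port 40003 ssh2
Aug 19 17:30:20 host sshd[2004]: Failed password for matt from 198.51.100.4 port 51000 ssh2
Aug 19 17:30:31 host sshd[2005]: Accepted password for matt from 198.51.100.4 port 51001 ssh2
Aug 19 17:45:00 host sshd[2006]: Failed password for root from 203.0.113.7 port 40004 ssh2
"""

# Hypothetical pattern for OpenSSH "Failed password" lines in syslog format.
FAILED = re.compile(r"^(\w{3} +\d+ [\d:]{8}) \S+ sshd\[\d+\]: "
                    r"Failed password for (?:invalid user )?\S+ from (\S+) port")

def scan(log_text, max_retry=3, find_time=600, ban_time=600, year=2008):
    """Return [(ip, ban_start, ban_end)] for IPs reaching max_retry failures
    within find_time seconds; failures from a currently banned IP are ignored."""
    failures = defaultdict(deque)   # ip -> timestamps of recent failures
    banned_until = {}               # ip -> time the current ban expires
    bans = []
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue
        # Syslog timestamps carry no year, so the caller supplies one.
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        ip = m.group(2)
        if ip in banned_until and ts < banned_until[ip]:
            continue  # the firewall would already be dropping this source
        window = failures[ip]
        window.append(ts)
        # Forget failures that fell out of the counting window.
        while (ts - window[0]).total_seconds() > find_time:
            window.popleft()
        if len(window) >= max_retry:
            end = ts + timedelta(seconds=ban_time)
            banned_until[ip] = end
            bans.append((ip, ts, end))
            window.clear()
    return bans

if __name__ == "__main__":
    for ip, start, end in scan(SAMPLE_LOG):
        print(f"ban {ip} from {start:%H:%M:%S} until {end:%H:%M:%S}")
```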
