Re: Any danger from these ports?

On Sat, 8 Jan 2005 21:49:21 -0500 (EST), Tom Diehl <tdiehl@xxxxxxxxxxxx> wrote:
> Another thing you might want to look into is the ipt_recent module for iptables.
> I just crafted a couple of rules for fwbuilder that allow iptables to watch
> for multiple connection attempts from the same address within a minute.
> I have it set so that if the same IP address tries to connect more than 2
> times in a minute, subsequent connection attempts from that IP address
> are simply dropped by iptables. After 60 seconds connections from the offending
> IP are restored, at least until they exceed the threshold again. That at least
> limits how many attempts the bad guys can make. If it is just someone that
> screwed up their username or passwd it does not lock them out permanently.

Any chance you can share the example iptables rules that make this
happen to the list?

Is the use of ipt_recent in a similar way something worth considering
as an inclusion to Fedora default firewall rules?

-jef
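
A sketch of rules with the behaviour described in the quoted message, added here as an example; these are not the fwbuilder rules from the thread. TCP port 22, the list name `ratelimit`, the INPUT chain and the function name `recent_rules` are assumptions.

```shell
#!/bin/sh
# Added illustration: print an iptables-restore fragment that limits new
# connections per source address with the "recent" match.
# Assumptions (not from the thread): port 22, list name, INPUT chain.

# recent_rules PORT SECONDS MAX_ATTEMPTS [LIST_NAME]
# Prints the fragment on stdout; returns 1 on invalid arguments.
recent_rules() {
    port=$1 secs=$2 max=$3 name=${4:-ratelimit}
    for n in "$port" "$secs" "$max"; do
        case $n in
            ''|*[!0-9]*) echo "numeric argument expected: '$n'" >&2; return 1 ;;
        esac
    done
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port" >&2; return 1; }
    [ "$secs" -ge 1 ] && [ "$max" -ge 1 ] || { echo "bad limit" >&2; return 1; }
    # The attempt that exceeds the allowance is the one that gets dropped.
    hit=$((max + 1))
    # The module remembers a bounded number of timestamps per address
    # (parameter ip_pkt_list_tot, default 20); hitcount must fit in it.
    [ "$hit" -le 20 ] || { echo "hitcount $hit exceeds default list size" >&2; return 1; }
    match="-p tcp --dport $port -m state --state NEW -m recent --name $name"
    cat <<EOF
*filter
# 1. Record source address and time of every new connection attempt.
-A INPUT $match --set
# 2. Drop when the address has $hit or more entries within $secs seconds.
#    --update also records the dropped attempt, so the source must stay
#    quiet for the whole window; --rcheck would only look, not record.
-A INPUT $match --update --seconds $secs --hitcount $hit -j DROP
# 3. Anything still under the limit is accepted.
-A INPUT -p tcp --dport $port -m state --state NEW -j ACCEPT
COMMIT
EOF
}

# The thread's numbers: at most 2 attempts per 60 seconds (port assumed).
recent_rules 22 60 2
```

The output can be checked without loading it by piping it to `iptables-restore --noflush --test` as root; `--noflush` keeps the existing rules in place.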

