Re: SSH2

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



There is some job in prevent this SSH Attack by using port knocking
techniques with iptables.
With it will be need to do a probe in a other port from the admin
choice to later do the ssh connection. This don't prevent all the
attack, but will block all the script kiddies.
Look at: http://www.soloport.com/iptables.html and http://www.portknocking.org/

On Apr 6, 2005 1:09 AM, Mike Klinke <mklinke@xxxxxxxx> wrote:
> On Tuesday 05 April 2005 17:43, Chris W. Parker wrote:
> > I wonder why though the firewall (iptables) doesn't automatically
> > block ip addresses after say 20 failed attempts? Is this
> > possible?
> 
> You can run sshd via xinetd for access to various filtering.  For
> example you can set up for example you can specify:
> 
> per_source ---
> 
> Takes an integer or "UNLIMITED" as an argument.  This specifies the
> maximum instances of  this  service  per source  IP address.
> 
> cps ---
> 
> Limits the rate of incoming  connections.  Takes two arguments.
> The  first argument is the number of connections per second to
> handle.  If the rate of  incoming  connections is higher than this,
> the service will be temporarily disabled.  The second argument  is
> the number  of seconds to wait before re-enabling the service after
> it has been disabled.
> 
> only_from ---
> 
> Limit connection to certain addresses.
> 
> and others ----
> 
> see "man xinetd.conf"
> 
> Example /etc/xinetd.d/ssh file:
> 
> service ssh
> {
>         disable = no
>         socket_type = stream
>         type = UNLISTED
>         port = 22
>         protocol = tcp
>         wait = no
>         user = root
>         server = /usr/sbin/sshd
>         server_args = -i -u0
>         only_from = <ip address/range>
> }
> 
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
> 


-- 
Cleber P. de Souza

-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]


  Powered by Linux