I love IP Tables....

Amadeus W.M. amadeus84 at verizon.net
Sat May 26 04:57:59 UTC 2007


> People asked - here is the answer:
> # Then setup the reject trap
> $IPTABLES -A INPUT -p tcp --syn --dport 22 -m recent --name sshattack --set
> $IPTABLES -A INPUT -p tcp --dport 22 --syn -m recent --name sshattack \
>   --rcheck --seconds 180 --hitcount 2 -j LOG --log-prefix 'SSH REJECT: '
> $IPTABLES -A INPUT -p tcp --dport 22 --syn -m recent --name sshattack \
>   --rcheck --seconds 180 --hitcount 2 -j REJECT --reject-with tcp-reset
> 
> 
> Adapt it to your configuration, of course. {^_^}   (I probably should
> have included that in the first email for politeness. Please 'scuse me.)

You do know that if you run ssh on your pet's birthday port, rather than
22, you will not see any of the crap brute force attacks, don't you?
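
The quoted rules can be traced offline with a small model; this is an added example, not part of the original post and not the recent module's own code. It assumes the module's default of 20 stored timestamps per address (ip_pkt_list_tot), and the sample addresses and times are constructed.

```python
# Simplified model of the quoted rules (added example, not kernel code).
# Rule 1:    -m recent --name sshattack --set      -> record every SYN to port 22
# Rules 2/3: --rcheck --seconds 180 --hitcount 2   -> LOG + REJECT when the source
#            has >= 2 recorded SYNs (this one included) within the last 180 s.
from collections import defaultdict

WINDOW_SECONDS = 180   # --seconds 180
HITCOUNT = 2           # --hitcount 2
MAX_STAMPS = 20        # assumption: module default ip_pkt_list_tot


def evaluate(syns):
    """syns: (timestamp_seconds, source_ip) pairs sorted by time.
    Returns (timestamp, source_ip, verdict) tuples. "PASS" only means the
    SYN got past these three rules and continues to later INPUT rules."""
    table = defaultdict(list)      # the 'sshattack' list: ip -> timestamps
    results = []
    for ts, src in syns:
        stamps = table[src]
        stamps.append(ts)          # --set runs first, even for SYNs rejected below
        del stamps[:-MAX_STAMPS]   # keep only the newest entries
        hits = sum(1 for s in stamps if ts - s <= WINDOW_SECONDS)
        verdict = "REJECT" if hits >= HITCOUNT else "PASS"
        results.append((ts, src, verdict))
    return results


# Constructed sample traffic (documentation addresses, made-up timestamps).
SAMPLE = [
    (0,   "203.0.113.7"),    # scanner: first SYN gets past the trap
    (2,   "203.0.113.7"),    # second SYN inside 180 s -> rejected
    (100, "203.0.113.7"),    # rejected, but still recorded by --set
    (250, "203.0.113.7"),    # 150 s after the SYN at t=100 -> still rejected
    (10,  "198.51.100.20"),  # admin logs in once
    (60,  "198.51.100.20"),  # admin opens a second session too soon -> rejected
    (400, "198.51.100.20"),  # after a quiet 180 s -> passes again
]

if __name__ == "__main__":
    for ts, src, verdict in evaluate(sorted(SAMPLE)):
        print(f"t={ts:>4}s  {src:<14}  {verdict}")
```

Because --set records rejected SYNs too, a source that keeps retrying never leaves the window, and a legitimate user is limited to one new connection per quiet 180 seconds.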



