iptables in linux
craigwhite at azapple.com
Sat Nov 12 12:38:07 UTC 2011
On Sat, 2011-11-12 at 04:03 -0700, T.C. Hollingsworth wrote:
> On Sat, Nov 12, 2011 at 3:19 AM, Roger <arelem at bigpond.com> wrote:
> > Is there a way to limit:
> > -number of log in attempts to 2,
> > -the duration of a log in attempt to 3 seconds or less
> > -the number of times a username can be tried, prefer it set at 2 and
> > then not again for 24 hours if it fails.
> "NumberOfPasswordPrompts" in /etc/ssh_config takes care of at least
> one of those. See "man ssh_config" for details.
> > Also is there a way to DROP ip addresses after 2 attempts and not allow
> > that ip address for say 24 hours?
> Take a look at fail2ban: http://www.fail2ban.org/
> It's in the repos: "yum install fail2ban"
or denyhosts - perhaps simpler ambitions than fail2banbut highly
effective at blocking ip addresses with consecutive logon failures.
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the users