GoFuckYourself.com - Adult Webmaster Forum - View Single Post

ServerGenius · 05-26-2006, 09:08 AM

add this to your iptables firewall

It will block the sshd port if an ip attempts more than 3 times per minute
to login with a bad password.

-N ssh_brute
-A ssh_brute -p TCP -m state --state ESTABLISHED,RELATED -j ACCEPT
-A ssh_brute -p TCP --syn -m limit --limit 3/minute --limit-burst 3 -j ACCEPT
-A ssh_brute -p TCP -j LOG --log-level "WARN" --log-prefix [DROP:RATE_LIMIT]
-A ssh_brute -p TCP -j REJECT
-I INPUT -p TCP -s 0/0 --dport 22 -j ssh_brute

05-26-2006, 09:08 AM
ServerGenius Confirmed User Join Date: Feb 2002 Location: Amsterdam Posts: 9,377	add this to your iptables firewall It will block the sshd port if an ip attempts more than 3 times per minute to login with a bad password. -N ssh_brute -A ssh_brute -p TCP -m state --state ESTABLISHED,RELATED -j ACCEPT -A ssh_brute -p TCP --syn -m limit --limit 3/minute --limit-burst 3 -j ACCEPT -A ssh_brute -p TCP -j LOG --log-level "WARN" --log-prefix [DROP:RATE_LIMIT] -A ssh_brute -p TCP -j REJECT -I INPUT -p TCP -s 0/0 --dport 22 -j ssh_brute __________________ \| http://www.sinnerscash.com/ \| ICQ: 370820 \| Skype: SinnersCash \| AdultWhosWho \|