peterh - Linux - Blog

With iptables module recent you can limit the count of tcp connection attempts. In my case i allow only 3 ssh connection attempts per minute. This stops script kiddies doing ssh brute force attacs.

iptables -N synflood
iptables -A synflood -p tcp --dport ssh -m recent --set --name SSH
iptables -A synflood -p tcp --dport ssh -m recent --update \
                     --seconds 60 --hitcount 4 --name SSH -j DROP

iptables -A INPUT -p tcp -m state --state NEW -j synflood
iptables -A FORWARD -i $OUT -p tcp -m state --state NEW -j synflood

[ view entry ] ( 810 views )   |  print article

---

<<First <Back | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | Next> Last>>

- Page Generated in 0.0078 seconds | Site Views: 2672