Re: More SSH 'trolling'

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: Re: More SSH 'trolling'
From: Björn Persson <listor1.rombobeorn@xxxxxxxxx>
Date: Fri, 15 Oct 2004 16:56:54 +0200
In-reply-to: <[email protected]>
References: <[email protected]>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4.1) Gecko/20031114

Vladimir G. Ivanovic wrote:

"d" == dave <drinker@xxxxxxxxxxx> writes:
d> Blocking repeat SSH attacks with IPTables d> d> http://www.dsrtech.com/sshblock/
At what point (i.e. with how many blocked IP addresses) does networking
begin to slow down? Or is this not really a problem because the checks
are only done at connection setup time?

As written, every incoming packet would be compared to those rules. You couls however create a new chain, "blocked" say, and configure the log watcher to add the rules to that chain. In the main "INPUT" chain you would then have a rule to jump to the chain "blocked" only on connection attempts to port 22.

Björn Persson

Follow-Ups:
- Re: More SSH 'trolling'
  - From: Vladimir G. Ivanovic

References:
- Re: More SSH 'trolling'
  - From: Vladimir G. Ivanovic

Prev by Date: Re: how to match kernel src with running kernel
Next by Date: Re: Is my computer safe enough if I use just iptables?
Previous by thread: Re: More SSH 'trolling'
Next by thread: Re: More SSH 'trolling'
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]

Powered by Linux