Re: tightening ssh

--snip--
> >
> > --
> > Knute Johnson
> > Molon Labe...
> A while back there was discussion on the list about a script that 
> monitored /var/messages and /var/secure and would write a rule to block an IP 
> address after "x" number of attempts to log in.
> I could not find the reference that I kept. You might try searching the list 
> but the scripts were very good.
> 


Try this

http://denyhosts.sourceforge.net/

or for quick & dirty:

iptables -A INPUT -i eth0 -p tcp -m tcp --dport 22 -m conntrack \
  --ctstate NEW -m recent --set --name sshscans --rsource

iptables -A INPUT -m recent --rcheck --seconds 60 --hitcount 10 \
  --name sshscans --rsource -j DROP

(thanks to david@xxxxxxxxxxxxx for that one)


-- 
Tony Placilla, RHCT
anthony_placilla@xxxxxxxx
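
The following is an added example, not part of the original post: a small Python model of how the two iptables rules above interact, replayed over constructed traffic. It assumes the recent match fires once the number of stored entries inside the window reaches the hitcount, and it ignores the module's cap on stored timestamps per address; the class and function names are hypothetical.

```python
from collections import defaultdict

WINDOW = 60     # --seconds 60
HITCOUNT = 10   # --hitcount 10


class RecentList:
    """Simplified model of one recent list (--name sshscans --rsource)."""

    def __init__(self):
        self.stamps = defaultdict(list)   # source IP -> packet timestamps

    def set(self, src, now):
        # Rule 1 (--set): record the source; no -j target, so traversal continues.
        self.stamps[src].append(now)

    def rcheck(self, src, now):
        # Rule 2 (--rcheck): count entries inside the window without adding one.
        hits = sum(1 for t in self.stamps[src] if now - t < WINDOW)
        return hits >= HITCOUNT


def filter_input(recent, src, now, new_ssh):
    """Return the verdict of the two rules for one packet in the INPUT chain.

    new_ssh is True for a packet that matches rule 1
    (eth0, tcp --dport 22, conntrack state NEW).
    """
    if new_ssh:
        recent.set(src, now)
    # Rule 2 has no interface, protocol or port match: it applies to every
    # packet from a listed source, not only to SSH.
    return "DROP" if recent.rcheck(src, now) else "CONTINUE"


def replay(packets):
    """packets: iterable of (time_s, src, new_ssh). Returns the list of verdicts."""
    recent = RecentList()
    return [filter_input(recent, src, t, new_ssh) for t, src, new_ssh in packets]


# Constructed sample traffic (documentation address, times in seconds).
SCANNER = "203.0.113.7"
burst = [(t, SCANNER, True) for t in range(10)]   # 10 new SSH connections in 10 s
other = [(10.5, SCANNER, False)]                  # non-SSH packet while listed
later = [(75, SCANNER, True)]                     # first attempt after a pause

if __name__ == "__main__":
    for pkt, verdict in zip(burst + other + later, replay(burst + other + later)):
        print(pkt, verdict)
```

Because the `--set` rule runs before the `--rcheck` rule, the tenth new connection inside 60 seconds is itself dropped, and while the source stays over the threshold the second rule drops all of its traffic, not just SSH.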

