Ashley M. Kirchner wrote:
Mike Wright wrote:
Allow your subnets before the above rules. Here's a sample rule:
-A INPUT -s 10.0.0.0/24 -p tcp --dport 22 --syn -j ACCEPT
# subnet ^^^^^^^^^^^
You'd need one rule for each subnet.
hth
Awesome Mike, that worked like a charm. Thanks!
Somewhat related question: would the same rules work for ftp attacks
as well? Obviously replacing the port number with 21, but would they
work? Duplicate the lines, replace port and hope that ftp also gets
curbed the same way?
Ashley, try a combination on fail2ban and denyhosts.
--
21:50:04 up 2 days, 9:07, 0 users, load average: 0.92, 0.37, 0.18
---------------------------------------------------------
Lic. Martín Marqués | SELECT 'mmarques' ||
Centro de Telemática | '@' || 'unl.edu.ar';
Universidad Nacional | DBA, Programador,
del Litoral | Administrador
---------------------------------------------------------
