Re: annoying brute force attack attempt using ssh

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Scott van Looy wrote:

Today Peter McNeil did spake thusly:


Ran iptables -L just to make sure my rule was there and it was
in the end had to use hosts.deny to block the IP

Anyone got any ideas why?


I do this http://thunderbox.org/?page_id=4


Much better way is to do something like this:

iptables -N SSH_CHECK
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j SSH_CHECK
iptables -A SSH_CHECK -m recent --set --name SSH
iptables -A SSH_CHECK -m recent --update --seconds 60 --hitcount 4 --name SSH -j DROP
Which I used to use when I hand wrote my firewall. But as I'm trying to use system-config-firewall these days I've no idea how to add these custom rules...
that's cool, I just wanted a permanent blocklist (until restart). Re system-config-firewall..the only way to be sure is by hand :-) 

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux