Re: annoying brute force attack attempt using ssh

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Today Peter McNeil did spake thusly:

Scott van Looy wrote:
Today Peter McNeil did spake thusly:

Ran iptables -L just to make sure my rule was there and it was
in the end had to use hosts.deny to block the IP

Anyone got any ideas why?

I do this http://thunderbox.org/?page_id=4

Much better way is to do something like this:

iptables -N SSH_CHECK
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j SSH_CHECK
iptables -A SSH_CHECK -m recent --set --name SSH
iptables -A SSH_CHECK -m recent --update --seconds 60 --hitcount 4 --name SSH -j DROP

Which I used to use when I hand wrote my firewall. But as I'm trying to use system-config-firewall these days I've no idea how to add these custom rules...

that's cool, I just wanted a permanent blocklist (until restart). Re system-config-firewall..the only way to be sure is by hand :-)

does anyone know if there's documentation for it anywhere? If not, I'm happy to write some - if someone can explain to me how the buggery it works...? :)

--
Scott van Looy - email:me@xxxxxxxxxxxxxx | web:www.ethosuk.org.uk
site:www.freakcity.net - the in place for outcasts since 2003
PGP Fingerprint: 7180 5543 C6C4 747B 7E74  802C 7CF9 E526 44D9 D4A7
      -------------------------------------------
      |/// /// /// /// WIDE LOAD /// /// /// ///|
      -------------------------------------------

It is said that the lonely eagle flies to the mountain peaks while the lowly
ant crawls the ground, but cannot the soul of the ant soar as high as the eagle?

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux