Post details: Automatic SSH brute force blocking

07/23/06

06:19:00 pm, Categories: Linux

Cool way to do automatic SSH brute force blocking in iptables:

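# Allow packets belonging to already-established SSH sessions
iptables -A INPUT -p tcp -m tcp --dport 22 -m state \
  --state ESTABLISHED,RELATED -j ACCEPT
# Always allow the local LAN and one trusted Internet host
iptables -A INPUT -p tcp -m tcp -s My.local.Lan.0/24 \
  --dport 22 -j ACCEPT
iptables -A INPUT -p tcp -m tcp -s \
  Trusted.Internet.Machine --dport 22 -j ACCEPT
# Everyone else: at most 3 new connections per minute, shared across
# all source addresses (the limit match is not per-source)
iptables -A INPUT -p tcp -m tcp --dport 22 -m state \
  --state NEW -m limit --limit 3/min --limit-burst 3 \
  -j ACCEPT
# Log and drop whatever exceeds the limit; the trailing space keeps the
# prefix separate from the rest of the kernel log line
iptables -A INPUT -p tcp -m tcp --dport 22 -j LOG \
  --log-prefix "SSHBRUTE "
iptables -A INPUT -p tcp -m tcp --dport 22 -j DROP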

Or alternatively, use BlockSSHD.
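
Added example, not part of the original post: a simplified Python model of the token bucket behind the --limit 3/min --limit-burst 3 rule above. It shows that the budget is shared by every source that reaches the rule, which is why the LAN and trusted-host ACCEPT rules come first. The addresses and traffic pattern are constructed, and the function names are hypothetical.

```python
# Simplified model of the iptables "limit" match as used above.
# Credit is counted in seconds: one accepted connection costs 20 s of credit
# (3/min), and the bucket holds at most 60 s of credit (burst of 3).
COST = 20.0   # --limit 3/min
CAP = 60.0    # --limit-burst 3


def run_limit_rule(arrivals):
    """arrivals: (time_sec, src) pairs for NEW port-22 connections that reach
    the limit rule (allowlisted sources were already accepted earlier).
    Returns (time_sec, src, verdict) tuples in arrival order."""
    credit, last = CAP, 0.0
    out = []
    for t, src in sorted(arrivals):
        credit = min(CAP, credit + (t - last))  # refill; src is never consulted
        last = t
        if credit >= COST:
            credit -= COST
            out.append((t, src, "ACCEPT"))
        else:
            # Falls through to the LOG rule, then the DROP rule
            out.append((t, src, "LOG+DROP"))
    return out


def verdicts_for(results, src):
    """Verdicts the rule chain gave to one source address."""
    return [v for _, s, v in results if s == src]


# Constructed traffic (documentation addresses): a scanner opening one
# connection per second for two minutes, and an admin on an address that is
# not allowlisted connecting once at t = 90.5 s.
SCANNER, ADMIN = "203.0.113.7", "198.51.100.20"
traffic = [(float(t), SCANNER) for t in range(120)] + [(90.5, ADMIN)]
results = run_limit_rule(traffic)

if __name__ == "__main__":
    s = verdicts_for(results, SCANNER)
    print("scanner accepted:", s.count("ACCEPT"), "dropped:", s.count("LOG+DROP"))
    print("admin verdicts:", verdicts_for(results, ADMIN))
```

In this model the scanner still gets the initial burst plus one connection every 20 seconds, while the admin's single attempt is logged and dropped because the scanner has already spent the shared credit.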
