Nasser Heidari

2009-04-01

Block ssh brute force attacks with iptables

Filed under: Linux,Security Tips and Issues — Nasser Heidari @ 12:22
 # iptables -N SSH_CHECK
 # iptables -I INPUT -p tcp --dport 22 -m state --state NEW -j SSH_CHECK
 # iptables -A SSH_CHECK -m recent --set --name SSH
 # iptables -A SSH_CHECK -m recent --update --seconds 180 --hitcount 5 --rttl --name SSH -j LOG --log-prefix "SSH_brute_force "
 # iptables -A SSH_CHECK -m recent --update --seconds 180 --hitcount 5 --rttl --name SSH -j DROP
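
To see which sources the rules above are catching, the lines written by the LOG rule can be summarised per source address. This is an added example, not part of the original post: the function names and the sample log lines are constructed for illustration, and only the "SSH_brute_force " prefix comes from the rules above.

```shell
#!/bin/sh
# Added example: summarise sources logged by the SSH_CHECK LOG rule.
# Reads kernel/syslog lines on stdin and prints "<hits> <source IP>",
# most frequently logged source first.
ssh_bf_summary() {
    awk '
        # Only lines carrying the --log-prefix used by the LOG rule.
        /SSH_brute_force / {
            for (i = 1; i <= NF; i++) {
                # The SRC= field of a netfilter LOG line is the packet source.
                if ($i ~ /^SRC=/) { hits[substr($i, 5)]++; break }
            }
        }
        END { for (ip in hits) print hits[ip], ip }
    ' | sort -k1,1nr -k2,2
}

# Constructed sample input (documentation addresses, hypothetical host "gw"):
# three logged packets from one source, one from another, and two lines
# that must be ignored because they lack the prefix.
sample_log() {
cat <<'EOF'
Apr  1 12:30:01 gw kernel: SSH_brute_force IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TTL=52 PROTO=TCP SPT=40000 DPT=22 SYN
Apr  1 12:30:04 gw kernel: SSH_brute_force IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TTL=52 PROTO=TCP SPT=40001 DPT=22 SYN
Apr  1 12:30:09 gw sshd[2211]: Failed password for root from 203.0.113.7 port 39998 ssh2
Apr  1 12:30:15 gw kernel: SSH_brute_force IN=eth0 OUT= SRC=198.51.100.23 DST=192.0.2.10 LEN=60 TTL=47 PROTO=TCP SPT=51512 DPT=22 SYN
Apr  1 12:30:20 gw kernel: OTHER_RULE IN=eth0 OUT= SRC=198.51.100.99 DST=192.0.2.10 LEN=60 TTL=60 PROTO=TCP SPT=1025 DPT=80 SYN
Apr  1 12:31:02 gw kernel: SSH_brute_force IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TTL=52 PROTO=TCP SPT=40002 DPT=22 SYN
EOF
}

# Stand-alone run on the constructed sample.
sample_log | ssh_bf_summary
```

On a live system, pipe the kernel log (for example the output of `dmesg`) into `ssh_bf_summary` instead of the sample.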

1 Comment »

  1. It’s cool !

    Comment by ali — 2009-04-01 @ 21:17

