SSH Bot attack Prevention
Dallin Jones
squitoey at gmail.com
Wed Mar 14 10:51:39 MDT 2007
Here are the two SSH rules that I use. Before I started using this, I
was getting between 300-1000 ssh login attempts... It is now about 20
a day. Not perfect, but helps a lot. I have it set to allow two
connection attempts every 10 minutes; this can easily be changed,
though.
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 600 --hitcount 2 -j DROP
Dallin
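
Added example (not part of the original post): a simplified Python model of how the two rules above treat new connections from one source address, to show why --update keeps a persistent bot locked out while a user who waits out the window gets back in. The function name, the refresh_on_drop switch (which models --rcheck for comparison) and the sample timestamps are constructed for illustration; packets that are not dropped are assumed to be accepted by a later rule.

```python
# Simplified model of the iptables "recent" match for the two rules above.
# Evaluation order (each -I inserts at the top of INPUT):
#   1. -m recent --update --seconds W --hitcount N -j DROP
#   2. -m recent --set    (no target; the packet continues down the chain)
# Assumption: the model keeps every timestamp and tracks one source address.

def simulate(times, seconds=600, hitcount=2, refresh_on_drop=True):
    """Return "PASS" or "DROP" for each new connection, in arrival order.

    times: arrival times in seconds (constructed sample data).
    refresh_on_drop: True models --update, where a matching packet is
    stamped too; False models --rcheck, where it is not recorded.
    """
    stamps = []      # timestamps held in the recent list for this address
    verdicts = []
    for now in times:
        recent = [t for t in stamps if now - t <= seconds]
        if len(recent) >= hitcount:      # rule 1 matches -> DROP
            if refresh_on_drop:
                stamps.append(now)       # the dropped attempt extends the lockout
            verdicts.append("DROP")
        else:                            # falls through to rule 2 (--set)
            stamps.append(now)
            verdicts.append("PASS")
    return verdicts


# Constructed samples: a bot retrying once a minute for an hour, and a user
# who fails three times quickly and then waits more than ten minutes.
BOT = list(range(0, 3600, 60))
USER = [0, 5, 10, 700, 705]

if __name__ == "__main__":
    print("bot, --update:", simulate(BOT).count("PASS"), "of", len(BOT), "pass")
    print("bot, --rcheck:",
          simulate(BOT, refresh_on_drop=False).count("PASS"), "of", len(BOT), "pass")
    print("user, --update:", simulate(USER))
```

With --update every dropped attempt refreshes the window, so a source that never stops retrying never gets a third connection; with --rcheck the same source gets two connections in each window.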