In the void is virtue, and no evil. Wisdom has existence, principle has existence, The Way has existence, spirit is nothingness.
Image
Search This Blog
Thursday, October 16, 2014
Friday, October 03, 2014
SSH BruteForce Attacks are back
I've put back the little iptables rule:
-N SSHBRUTE
-A INPUT -i eth1 -p tcp -m tcp --dport 22 -m state --state NEW -m recent -j SSHBRUTE
-A SSHBRUTE -m recent --set --name BRUTESSH --rsource
-A SSHBRUTE -m recent --rcheck --seconds 60 --hitcount 5 --rttl --name BRUTESSH --rsource -j \ REJECT --reject-with tcp-reset
-A SSHBRUTE -m recent --rcheck --seconds 60 --hitcount 4 --rttl --name BRUTESSH --rsource -j \ LOG --log-prefix "Brute Force SSH Drop"
-A SSHBRUTE -m recent --update --seconds 60 --hitcount 4 --rttl --name BRUTESSH --rsource -j \ REJECT --reject-with tcp-reset
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-N SSHBRUTE
-A INPUT -i eth1 -p tcp -m tcp --dport 22 -m state --state NEW -m recent -j SSHBRUTE
-A SSHBRUTE -m recent --set --name BRUTESSH --rsource
-A SSHBRUTE -m recent --rcheck --seconds 60 --hitcount 5 --rttl --name BRUTESSH --rsource -j \ REJECT --reject-with tcp-reset
-A SSHBRUTE -m recent --rcheck --seconds 60 --hitcount 4 --rttl --name BRUTESSH --rsource -j \ LOG --log-prefix "Brute Force SSH Drop"
-A SSHBRUTE -m recent --update --seconds 60 --hitcount 4 --rttl --name BRUTESSH --rsource -j \ REJECT --reject-with tcp-reset
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
Subscribe to:
Posts (Atom)