Monday, September 17, 2007

iptables rules to lock out multiple failed ssh attempts

Two simple lines to run at boot, in this order (each -I inserts at the top of the INPUT chain, so the DROP rule must end up above the --set rule; do not background them):

iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set

iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 4 -j DROP
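To see what these two rules do to a burst of connection attempts, here is an added Python model of the kernel's xt_recent bookkeeping (written for this post, not code from it or from iptables; source addresses and timestamps are constructed). It also runs the rules in the opposite order to show that the placement of --set relative to --update shifts which attempt is dropped, and that what is counted is new TCP connections, not failed logins.

```python
from collections import defaultdict

SECONDS, HITCOUNT = 60, 4   # --seconds 60 --hitcount 4 from the rules above

class RecentList:
    """Per-source timestamp history, as the kernel keeps it for -m recent.
    Simplification: the real list is bounded (ip_pkt_list_tot, default 20)."""
    def __init__(self):
        self.stamps = defaultdict(list)

    def set(self, src, now):
        """-m recent --set: record this packet's time for src (always matches)."""
        self.stamps[src].append(now)

    def update(self, src, now, seconds=SECONDS, hitcount=HITCOUNT):
        """-m recent --update --seconds S --hitcount N: matches when src is already
        listed and at least N already-recorded stamps fall inside the last S
        seconds. Only on a match is the current time recorded as well, which is
        why a client that keeps retrying keeps itself locked out."""
        if src not in self.stamps:
            return False
        hits = sum(1 for t in self.stamps[src] if now - t <= seconds)
        if hits >= hitcount:
            self.stamps[src].append(now)
            return True
        return False

def filter_syns(syns, drop_first=True):
    """Run (src, time) SYN events through the chain and return a verdict each.
    drop_first=True is the post's layout: the DROP rule sits above --set because
    the second -I pushed the first rule down. drop_first=False is the reverse."""
    table, verdicts = RecentList(), []
    for src, t in syns:
        if not drop_first:
            table.set(src, t)              # current SYN already counted
        if table.update(src, t):
            verdicts.append("DROP")
            continue
        if drop_first:
            table.set(src, t)              # only reached when not dropped
        verdicts.append("ACCEPT")
    return verdicts

# Constructed sample: one host opens six SSH connections in 25 s, another host
# opens one in between, and the first host tries again after 75 s of silence.
SAMPLE = [("198.51.100.7", 0), ("198.51.100.7", 5), ("198.51.100.7", 10),
          ("203.0.113.9", 12), ("198.51.100.7", 15), ("198.51.100.7", 20),
          ("198.51.100.7", 25), ("198.51.100.7", 100)]

if __name__ == "__main__":
    for src_t, v in zip(SAMPLE, filter_syns(SAMPLE)):
        print(src_t, v)
```

With the post's ordering the fifth connection from a host inside the 60-second window is the first one dropped (four already-recorded hits), and the lockout lifts once the host has been quiet for 60 seconds; with --set above --update the fourth connection is already dropped.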
