
MemeStreams Discussion



This page contains all of the posts and discussion on MemeStreams referencing the following web page: Blocking brute force attacks against ssh with iptables and netfilter. You can find discussions on MemeStreams as you surf the web, even if you aren't a MemeStreams member, using the Threads Bookmarklet.

Blocking brute force attacks against ssh with iptables and netfilter
by Dagmar at 7:57 am EST, Feb 15, 2006

For those of you not yet using a port-knocker or otherwise getting irritated with the crap all the script kiddies are filling your system logs with from endless connections against your sshd, this article is for you.

Just two (or four, if you like logging) slightly obfuscated lines of iptables, and you can not only stop the lamers, you can slow their scripts down. (Something that's bound to get me packeted sooner or later, but whatever) This is quite portable to anything that's got a reasonably recent version of iptables (1.3.x) installed. You only need the barest of netfilter support in the Linux kernel.


Blocking brute force attacks against ssh with iptables and netfilter
by Lost at 4:34 pm EST, Feb 16, 2006

The goal of this article is to outline a simple method for blocking brute force attacks on sshd for users of Slackware Linux. With a few minor changes, this technique will work on any Linux box with netfilter support in the kernel and a reasonably recent version of iptables (1.3.x) installed. It makes use of the ipt_recent module for netfilter to track who just connected to the port, and to refuse subsequent connections from that host for a given number of seconds. One side effect of this technique is that it will slow down the idiots scanning the Internet looking for even bigger idiots.

Good link dag
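
The technique both posts describe (remember who just connected to sshd, refuse that host again for a set number of seconds), sketched as an added example that is not part of this thread and is not the linked article's own rules. The port, window length, list name `SSH_SEEN` and log prefix are assumptions; the function only prints rules in iptables-restore format and applies nothing.

```shell
#!/bin/sh
# Added example: prints rules in iptables-restore format; applies nothing.
# Defaults (port 22, 60 s window, list name SSH_SEEN, log prefix) are
# assumptions for illustration, not values from the linked article.

ssh_throttle_rules() {
    port=${1:-22}; seconds=${2:-60}; list=${3:-SSH_SEEN}; log=${4:-no}

    # Reject anything that could smuggle extra options into a rule line.
    case "$port" in ''|*[!0-9]*|??????*) echo "bad port: $port" >&2; return 1 ;; esac
    case "$seconds" in ''|*[!0-9]*) echo "bad seconds: $seconds" >&2; return 1 ;; esac
    case "$list" in ''|*[!A-Za-z0-9_]*) echo "bad list name: $list" >&2; return 1 ;; esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 1
    fi

    # Only new TCP connections to sshd are tracked in the named recent list.
    match="-p tcp --dport $port -m state --state NEW -m recent --name $list"

    printf '%s\n' "*filter"
    if [ "$log" = yes ]; then
        # --rcheck tests the list without touching the timestamp, so logging
        # does not change what the DROP rule below sees.
        printf '%s\n' "-A INPUT $match --rcheck --seconds $seconds -j LOG --log-prefix \"ssh-throttle: \""
    fi
    # Source seen inside the window: refresh its timestamp and drop, so a
    # script that keeps retrying keeps itself locked out.
    printf '%s\n' "-A INPUT $match --update --seconds $seconds -j DROP"
    # Source not seen inside the window: record it and let it through.
    printf '%s\n' "-A INPUT $match --set -j ACCEPT"
    printf '%s\n' "COMMIT"
}

# Print the ruleset with logging enabled. After review it can be loaded with:
#   ssh_throttle_rules 22 60 SSH_SEEN yes | iptables-restore --noflush
ssh_throttle_rules 22 60 SSH_SEEN yes
```

Because the rules are appended to INPUT, they only take effect if no earlier rule in the chain already accepts traffic to the same port.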


 
 