
Iptables rules to block brute-force attacks on OpenSSH

July 31st, 2006

iptables -A INPUT -p tcp --syn --dport 22 -m recent --name sshattack --set

iptables -A INPUT -p tcp --dport 22 --syn -m recent --name sshattack --rcheck --seconds 60 --hitcount 3 -j LOG --log-prefix 'SSH REJECT: '

iptables -A INPUT -p tcp --dport 22 --syn -m recent --name sshattack --rcheck --seconds 60 --hitcount 3 -j REJECT --reject-with tcp-reset

iptables -A FORWARD -p tcp --syn --dport 22 -m recent --name sshattack --set

iptables -A FORWARD -p tcp --dport 22 --syn -m recent --name sshattack --rcheck --seconds 60 --hitcount 3 -j LOG --log-prefix 'SSH REJECT: '

iptables -A FORWARD -p tcp --dport 22 --syn -m recent --name sshattack --rcheck --seconds 60 --hitcount 3 -j REJECT --reject-with tcp-reset
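
To see what these rules do to a stream of connection attempts, here is an added example (not part of the original post) that replays SYN packets through a small Python model of the `recent` match. The function name, the sample addresses and the timestamps are constructed for illustration, and the model assumes one list per chain and ignores the module's cap on stored timestamps.

```python
from collections import defaultdict

WINDOW_SECONDS = 60   # --seconds 60
HITCOUNT = 3          # --hitcount 3

def simulate(syns, window=WINDOW_SECONDS, hitcount=HITCOUNT):
    """Replay (timestamp, source_ip) SYN packets through the three rules.

    Returns (timestamp, source_ip, verdict) tuples, where verdict is
    "REJECT" (logged, then reset) or "ACCEPT" (falls through to later rules).
    """
    stamps = defaultdict(list)   # model of the "sshattack" list
    results = []
    for now, src in sorted(syns):
        # Rule 1: --set records every SYN, including ones rejected below.
        stamps[src].append(now)
        # Rules 2 and 3: --rcheck counts the stamps inside the window.
        # The stamp just recorded is one of them. Older stamps are dropped
        # here only to keep the model small.
        stamps[src] = [t for t in stamps[src] if now - t <= window]
        verdict = "REJECT" if len(stamps[src]) >= hitcount else "ACCEPT"
        results.append((now, src, verdict))
    return results

# Constructed sample traffic: one noisy source, one normal source.
SAMPLE_SYNS = [
    (0, "203.0.113.10"), (5, "203.0.113.10"), (10, "203.0.113.10"),
    (20, "203.0.113.10"), (50, "203.0.113.10"), (80, "203.0.113.10"),
    (120, "203.0.113.10"), (200, "203.0.113.10"),
    (0, "198.51.100.7"), (40, "198.51.100.7"), (90, "198.51.100.7"),
]

if __name__ == "__main__":
    for ts, src, verdict in simulate(SAMPLE_SYNS):
        print(f"t={ts:>3}s  {src:<13}  {verdict}")
```

Because the `--set` rule runs before the `--rcheck` rules, the third SYN inside 60 seconds is already rejected, and rejected SYNs still refresh the list, so a source that keeps retrying stays blocked until it slows down.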
