You can also rate-limit in iptables since a new module was introduced not
too long ago. I use it for SSH and a few other ports as well. Here's an
example for those that care. The below will rate limit ssh connections to no
more than 4 every 60 seconds. Anything over that, iptables drops for a
period of 10 or 15 minutes I believe. (Will have to check on the duration of
the block).

iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 4 -j DROP
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT

R's,
max


On Sat, Jun 25, 2011 at 8:22 AM, Andres Pozos <javato...@yahoo.es> wrote:

> Hi:
> For 0 size udp flood you only need
> http://www.sourceop.com/modules.php?name=Downloads&d_op=viewdownload&cid=9
> (don't know if it works with the last update)
>
> And for rcon exploits, block the tcp query port, for example:
> iptables -A INPUT -p tcp --dport 27015 -j DROP
>
> Best regards
>
>
> _______________________________________________
> To unsubscribe, edit your list preferences, or view the list archives,
> please visit:
> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
>
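
Added example, not part of the original message: a simplified Python model of how the recent match evaluates the three SSH rules above, replayed over constructed connection times to show which packet is the first one dropped and when a source is accepted again. The class and function names, the sample addresses and the timestamps are assumptions made for illustration.

```python
from collections import defaultdict, deque

SECONDS, HITCOUNT = 60, 4   # values taken from the rules in the message
PKT_LIST_TOT = 20           # xt_recent default: timestamps kept per address


class RecentList:
    """Simplified model of one xt_recent address list."""

    def __init__(self):
        self.stamps = defaultdict(lambda: deque(maxlen=PKT_LIST_TOT))

    def set(self, src, now):
        # --set: record the packet time; this match always succeeds.
        self.stamps[src].append(now)
        return True

    def update(self, src, now):
        # --update --seconds N --hitcount H: match when at least H stamps
        # fall inside the last N seconds; only a match records a new stamp.
        hits = sum(1 for t in self.stamps[src] if now - t <= SECONDS)
        if hits >= HITCOUNT:
            self.stamps[src].append(now)
            return True
        return False


def filter_new_ssh(recent, src, now):
    """Walk the three INPUT rules for one NEW tcp/22 packet."""
    recent.set(src, now)             # rule 1: no target, so fall through
    if recent.update(src, now):      # rule 2: -j DROP
        return "DROP"
    return "ACCEPT"                  # rule 3


def replay(events):
    """Return the verdict for each (time_in_seconds, source) event."""
    recent = RecentList()
    return [filter_new_ssh(recent, src, t) for t, src in events]


# Constructed sample traffic (documentation addresses, times in seconds).
EVENTS = [(0, "203.0.113.5"), (10, "203.0.113.5"), (20, "203.0.113.5"),
          (30, "203.0.113.5"), (35, "198.51.100.7"), (40, "203.0.113.5"),
          (101, "203.0.113.5")]

if __name__ == "__main__":
    for (t, src), verdict in zip(EVENTS, replay(EVENTS)):
        print(f"t={t:>3}s {src:<13} {verdict}")
```

In this model each source is tracked separately, and a dropped source is accepted again once fewer than four of its recorded packets fall inside the trailing 60 seconds.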