Surmandal wrote: > Thats the good one. But I think it will add that IP to host deny that mean > it will block the IP using TCP wrappers. TCP wrapper works on Application > layer . It is better to block from Firewall. Firewall works on layer 3 and > 4. I am using this script > > iptables -N SSH_CHECK > iptables -A INPUT -p tcp --dport 2001 -m state --state NEW -j SSH_CHECK > iptables -A SSH_CHECK -m recent --set --name SSH > iptables -A SSH_CHECK -m recent --update --seconds 60 --hitcount 4 --name > SSH -j DROP > > This script To Prevent the SSH based Dictionary Attack
Hmm... nice.. :) Finally some yummy code. Is there a particular advantage to using iptables to say using overlayer like shorewall that sets up iptables ? Thanks. --~--~---------~--~----~------------~-------~--~----~ FOSS Nepal mailing list [email protected] http://groups.google.com/group/foss-nepal Community website: http://www.fossnepal.org/ -~----------~----~----~----~------~----~------~--~---
