Chris Carey wrote:
> Good idea. Could someone please post a sample iptables rate-limit for
> brute force attempts? I may get around to writing my own tonight
> unless someone has already done the homework. I guess one would need a
> rule that triggers on too many SYN per second to the SSH port? I
> wouldn't want the rule to trigger on an already established connection.
> We can't have it simply look for packets-per-second.
I use shorewall so my ssh line looks like this:

ACCEPT net fw TCP 22 - - 2/min:2

There's probably a better way to do it with a shorewall action.

unum
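The same throttle written as plain iptables rules, as an added example that is not part of this thread: the chain, thresholds and the ESTABLISHED pass-through rule are assumptions, and by default the function only prints the rules (set IPT=iptables and run as root to apply them).

```shell
# Constructed example, not from the thread. Expresses Shorewall's "2/min:2"
# in iptables and answers the concern above: only NEW connection attempts
# are counted, so an already established SSH session is never throttled.
IPT="${IPT:-echo iptables}"   # dry-run by default; IPT=iptables applies for real

ssh_ratelimit_rules() {
    # Packets of sessions that already exist bypass every limit below.
    $IPT -A INPUT -p tcp --dport 22 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # Per-source throttle: record each source opening a new SSH connection
    # and drop it once it exceeds 4 attempts within 60 seconds (assumed values).
    $IPT -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --name SSH --set
    $IPT -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --name SSH --update --seconds 60 --hitcount 4 -j DROP
    # Global limit equivalent to Shorewall's "2/min:2": 2 new connections per
    # minute with a burst of 2; anything above that is dropped.
    $IPT -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -m limit --limit 2/min --limit-burst 2 -j ACCEPT
    $IPT -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j DROP
}

ssh_ratelimit_rules
```

The per-source rules stop one noisy host without locking out everyone else, while the global limit preserves the exact behaviour of the Shorewall line.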
