On Mon, Mar 31, 2008 at 4:27 PM, Kyle Waters <[EMAIL PROTECTED]> wrote: > Dave Smith wrote: > > > > Interesting! Would you be able to post those iptables commands? > > I'm afraid I'm lazy and use shorewall. So someone who's better with > IPTables then I am may be able to post them.
Forgive me if there are any stupid errors here, but something like this may work. Then again, it may also prevent you from logging into your server... # SSH Rate Limiting iptables -A INPUT -p tcp --dport 22 -m limit --limit 50/s -j ACCEPT iptables -A INPUT -p tcp --dport 22 -m limit --limit 6/m -j LOG --log-prefix "DROP [SSH] " iptables -A INPUT -p tcp --dport 22 -j DROP /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
