Aleksandar Ivanisevic wrote on 14.10.2008 13:17:
I'm trying to implement a simple defense against ssh brute force
attacks.
iptables -N SSH_Brute_Force
iptables -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m recent --set --name SSH --rsource -j SSH_Brute_Force
iptables -A SSH_Brute_Force -m recent ! --rcheck --seconds 60 --hitcount 2 --name SSH --rsource -j RETURN
iptables -A SSH_Brute_Force -p tcp -j DROP
This should allow only 1 SYN in 60 seconds to port 22 and it works
perfectly on the host, but not in a container.
Both are CentOS 5.2, fully patched, kernel 2.6.18-92.1.1.el5.028stab057.2PAE
In the syslog I see:
Oct 14 11:06:41 xxx modprobe: FATAL: Could not load /lib/modules/2.6.18-92.1.1.el5.028stab057.2PAE/modules.dep: No such file or directory
Looks like it's trying to load something, but shouldn't it use a module
in a host kernel instead?
Any ideas?
_______________________________________________
Users mailing list
[email protected]
https://openvz.org/mailman/listinfo/users
Hello,
please make sure that xt_state and ipt_recent modules are loaded on the HN.
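The check suggested in the reply, as an added example that is not part of the original thread or of OpenVZ's own tooling: it reports which of the two modules named above are absent from a listing in /proc/modules format. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Modules named in the reply; both must be loaded on the hardware node (HN),
# because a container cannot load kernel modules itself.
REQUIRED_MODULES="xt_state ipt_recent"

# missing_modules FILE MODULE...
# FILE is in /proc/modules format (module name is the first field).
# Prints each MODULE not listed in FILE, one per line.
# Returns 0 if all are present, 1 if any is missing.
missing_modules() {
    modules_file=$1
    shift
    rc=0
    for mod in "$@"; do
        # Exact match on field 1, so "xt_stat" does not match "xt_state".
        if ! awk -v m="$mod" '$1 == m { found = 1 } END { exit !found }' "$modules_file"; then
            echo "$mod"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample listing: xt_state is loaded, ipt_recent is not.
sample_modules() {
    cat <<'EOF'
xt_state 6656 2 - Live 0xf8a3c000
ip_conntrack 53153 1 xt_state, Live 0xf8a5e000
x_tables 17349 3 xt_state,xt_tcpudp,ip_tables, Live 0xf89d1000
EOF
}

# Demo on the sample. On a real HN, pass /proc/modules instead of the temp file
# and load anything reported with "modprobe <name>" on the HN.
demo_file=$(mktemp)
sample_modules > "$demo_file"
if missing=$(missing_modules "$demo_file" $REQUIRED_MODULES); then
    echo "all required modules are loaded"
else
    echo "not loaded on the HN:" $missing
fi
rm -f "$demo_file"
```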