9 Oct
2010
9 Oct
'10
11:30 a.m.
On 8 October 2010 19:35, Max B <txtmax(a)yahoo.ca> wrote:
Hi All,
I received several ssh attacks over the past week, and wonder how, if at
all, to deal with them.
lazy method:
sudo iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW
-m recent --set --name SSH
sudo iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW
-m recent --update --seconds 60 --hitcount 8 --rttl --name SSH -j DROP
better methods exist but that's the simplest, I think.