Skip to main content

Thread: iptables block attemtps

-

its been suggested use following not wure first line does:


alternately may learn use iptables. iptables has several additional features including ability black list ip address after failed attempts.

code:
sudo iptables -a input -p tcp --dport 22 -m state --state new -m recent --set --name ssh --rsource -j accept  sudo iptables -a input -m recent --update --seconds 600 --hitcount 8 --rttl --name ssh --rsource -j drop
"--hit count" number of new connections. keep in mind each new connection gives multiple opportunities enter password. if use scp, use higher hitcount each file new ssh session.

"--seconds" how long ipaddress blacklisted. 10 minutes sufficient deter "script kiddies".

for many many years now, have used similar method deal ssh attacks. within last couple of months, on other ubuntu forums thread, saw method posted. not understand it, although didn't test it. here do:
code:
# secure shell on port 22. # # dynamic badguy list. detect , drop bad ips password attacks on ssh. # once on badguy list drop packets them. $iptables -a input -i $extif -m recent --update --hitcount 3 --seconds 5400 --name badguy_ssh -j log --log-prefix "ssh bad:" --log-level info $iptables -a input -i $extif -m recent --update --hitcount 3 --seconds 5400 --name badguy_ssh -j drop $iptables -a input -i $extif -p tcp -m tcp --dport 22 -m recent --set --name badguy_ssh -j accept
notice how have drop rule first, if there have alreay been "hitcount" attempts. only, ssh packet accepted, , hitcount bumped. use longer block time because have had occurences 10 minutes not enough.

"established, related" bypass of these rules earlier in rules input chain.


Forum The Ubuntu Forum Community Ubuntu Specialised Support Security [ubuntu] iptables block attemtps


Ubuntu

Comments

Post a Comment

Popular posts from this blog

Thread: Firefox print dialog doesn't remember settings

-
hi, in ubuntu 12.04, firefox doesn't remember last used print settings in file - print (ctrl+p) dialog. need firefox remember exact settings used last time in print dialog. how this? in about :config, print.save_print_settings variable set true. still doesn't work. print file. have start on configuring print settings in print dialog, please help! i have same problem looks likes problem older firefox(gnome?) not respecting cups defaults doesnt seem there change it. if find solution please post here Forum The Ubuntu Forum Community Ubuntu Official Flavours Support General Help [ubuntu] Firefox print dialog doesn't remember settings Ubuntu
Read more

Error 400 - Photoshop services are not available

-
i keep getting error messge every time try log in. help? i take using pse 10 or earlier. photoshop.com dead , gone. should have received number of emails photos getting moved adobe revel, revel not direct replacement photoshop.com. can't use within pse. need stop using welcome screen, since try connect non-existent server:   http://barbarabrundage.com/2013/09/16/pse-8-9-10-cant-sign-in-error-404/ More discussions in Photoshop Elements adobe
Read more

After Effects error:creating resource file on Windows

-
hi   i have problem set of plugins developing. have 20 different plugins. after apply 10th plugin, gives following error on windows (cs6):   after effects error:creating resource file "....aex" ( 3 :: 0 )   i can have many instances of same plugin once have total of 10 different error comes up   one thing being enabled in plugin flag: pf_outflag_keep_resource_open   is culprit?   thanks in advance donj More discussions in After Effects SDK adobe
Read more