Difference between revisions of "IPtables SSH Brute Force"

Latest revision as of 17:36, 6 December 2008

#!/bin/bash

IPT=/sbin/iptables

$IPT -N SSH
$IPT -N SSH_ABL
$IPT -A SSH -m recent --name SSH_ABL --update --seconds 3600 -j REJECT
$IPT -A SSH -m recent --name SSH --rcheck --seconds 60 --hitcount 5 -j SSH_ABL
$IPT -A SSH_ABL -m recent --name SSH_ABL --set -j LOG --log-level warn --log-prefix "ABL: +SSH: "
$IPT -A SSH_ABL -j REJECT
$IPT -A SSH -m recent --name SSH --rcheck --seconds 2 -j LOG --log-level warn --log-prefix "RATE: "
$IPT -A SSH -m recent --name SSH --update --seconds 2 -j REJECT
$IPT -A SSH -m recent --name SSH_ABL --remove -j LOG --log-level warn --log-prefix "ABL: -SSH: "
$IPT -A SSH -m recent --name SSH --set -j ACCEPT
$IPT -A INPUT -m state --state NEW -p tcp -m tcp --dport 22 -j SSH

Difference between revisions of "IPtables SSH Brute Force"

Latest revision as of 17:36, 6 December 2008

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

mega security computer

Tools