Using hashlimit to foil SSH bruteforce attempts
Add this to the iptables ruleset:
iptables -A INPUT -m hashlimit -m tcp -p tcp --dport 22 --hashlimit 1/min --hashlimit-mode srcip --hashlimit-name ssh -m state --state NEW -j ACCEPT
The rule matches new connections to the SSH port at a rate of at most one per minute per source IP (after an initial burst of five, the hashlimit default) and accepts them. On its own it only accepts: to actually block a brute-force attempt it must be followed by a rule that drops any other new connection to port 22, otherwise a permissive chain policy or a later ACCEPT lets the excess through unchanged. Make sure no earlier rule already accepts SSH, and accept ESTABLISHED traffic before this rule so that packets on existing sessions are not counted against the limit.
For more information, see man iptables (man iptables-extensions on newer releases) and iptables -m hashlimit --help. Newer releases spell --hashlimit as --hashlimit-upto and -m state --state as -m conntrack --ctstate; the old names still work.
Reference: https://www.redhat.com/archives/fedora-test-list/2005-August/msg00061.html
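The complete ruleset the rule above needs in order to do anything, as an added example that is not part of the original post: accept established sessions, accept new SSH connections while the per-source bucket has credit, then drop the rest. It assumes SSH on port 22, an iptables with the conntrack and hashlimit matches, and no earlier INPUT rule that already accepts SSH; it prints the commands by default and only applies them when APPLY=1 is set.

```shell
#!/bin/sh
# Added example, not from the original post. Builds the full ruleset around
# the hashlimit rule and checks that the ACCEPT is paired with a DROP.
# Assumptions: SSH on port 22, iptables with the tcp, conntrack and hashlimit
# match modules, no earlier rule in INPUT that accepts SSH.
# Dry run by default (prints the commands); APPLY=1 runs them as root.

SSH_PORT="${SSH_PORT:-22}"
RATE="${RATE:-1/min}"
BURST="${BURST:-5}"   # initial credit before the rate applies; 5 is the hashlimit default

# Print the iptables commands, one per line, in the order they must appear in INPUT.
ssh_ratelimit_rules() {
    # 1. Packets on existing sessions are never counted against the limit.
    echo "iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # 2. Accept a new SSH connection while this source IP's bucket has credit.
    #    --hashlimit-upto is the current spelling of the post's --hashlimit.
    echo "iptables -A INPUT -p tcp --dport $SSH_PORT -m conntrack --ctstate NEW -m hashlimit --hashlimit-upto $RATE --hashlimit-burst $BURST --hashlimit-mode srcip --hashlimit-name ssh -j ACCEPT"
    # 3. Everything above the limit is dropped. Without this rule the ACCEPT
    #    changes nothing when the chain policy or a later rule accepts SSH.
    echo "iptables -A INPUT -p tcp --dport $SSH_PORT -m conntrack --ctstate NEW -j DROP"
}

# Sanity check: the hashlimit ACCEPT must come before a DROP for the same port.
# Returns 0 when the generated ruleset is ordered correctly.
ssh_ratelimit_check() {
    rules=$(ssh_ratelimit_rules)
    accept_line=$(printf '%s\n' "$rules" | grep -n -- '--hashlimit-upto' | grep -- '-j ACCEPT' | cut -d: -f1)
    drop_line=$(printf '%s\n' "$rules" | grep -n -- "--dport $SSH_PORT" | grep -- '-j DROP' | cut -d: -f1)
    [ -n "$accept_line" ] && [ -n "$drop_line" ] && [ "$accept_line" -lt "$drop_line" ]
}

if [ "${APPLY:-0}" = "1" ]; then
    ssh_ratelimit_check || { echo "ruleset mis-ordered, not applying" >&2; exit 1; }
    ssh_ratelimit_rules | while read -r cmd; do sh -c "$cmd"; done
else
    ssh_ratelimit_rules
fi
```

Run it once to review the output, then with APPLY=1 as root to install the rules. Check the counters afterwards with iptables -L INPUT -v -n: the DROP rule's packet count should climb during an attack while the ACCEPT stays near one per minute per source.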