Wednesday, January 25, 2012

Allow 3 SSH requests per minute

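[root@localhost ~]# iptables -N SSH_CHAIN
[root@localhost ~]# iptables -A INPUT -i eth0 -p tcp -m tcp --dport 22 -m state --state NEW -j SSH_CHAIN
# Drop the new connection if this source already has 3 recorded hits within the last 60 seconds
[root@localhost ~]# iptables -t filter -A SSH_CHAIN -i eth0 -p tcp -m tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 3 --rttl --name SSH -j DROP
# Record every connection that was not dropped; without a --set rule the SSH list stays empty and --update never matches
[root@localhost ~]# iptables -t filter -A SSH_CHAIN -i eth0 -p tcp -m tcp --dport 22 -m state --state NEW -m recent --set --name SSH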
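
The following is an added example, not code from the original post or from netfilter: a simplified Python model of the `recent` list named SSH, showing the verdicts SSH_CHAIN gives with and without a `--set` rule following the `--update` rule. It assumes constructed connection events, ignores `--rttl` and the module's per-address entry limit, and the names `simulate` and `EVENTS` are hypothetical.

```python
"""Simplified model of `-m recent --name SSH` as used in SSH_CHAIN (added example)."""

SECONDS, HITCOUNT = 60, 3  # values from the --update rule


def simulate(events, with_set_rule=True):
    """events: (timestamp_seconds, source_ip) of NEW connections to port 22, in time order.
    Returns one verdict per event: 'DROP', or 'PASS' (packet returns to INPUT)."""
    recent = {}  # source ip -> timestamps recorded in the SSH list
    verdicts = []
    for now, src in events:
        stamps = recent.get(src)
        # Rule 1: --update --seconds 60 --hitcount 3 -j DROP
        hits = sum(1 for t in (stamps or []) if t >= now - SECONDS)
        if stamps is not None and hits >= HITCOUNT:
            stamps.append(now)  # --update refreshes "last seen" when it matches
            verdicts.append("DROP")
            continue
        # Rule 2: --set records the connection; it only sees packets rule 1 let through
        if with_set_rule:
            recent.setdefault(src, []).append(now)
        verdicts.append("PASS")
    return verdicts


# Constructed sample traffic (documentation addresses, times in seconds)
A, B = "198.51.100.7", "203.0.113.9"
EVENTS = [(0, A), (5, A), (10, A), (12, B), (15, A), (20, A), (70, A), (200, A)]

if __name__ == "__main__":
    for label, flag in (("with --set", True), ("without --set", False)):
        print(label)
        for (ts, src), verdict in zip(EVENTS, simulate(EVENTS, flag)):
            print(f"  t={ts:>3}s {src:<13} {verdict}")
```

Because `--update` records the attempts it drops, the retry at t=70 is still blocked: a source that keeps retrying keeps extending its own block.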


Allow one echo-request per second

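# -m limit only caps this ACCEPT; excess echo-requests must still be dropped by a later rule or a DROP policy on INPUT
iptables -t filter -A INPUT -p icmp --icmp-type echo-request -m limit --limit 1/s -j ACCEPT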


http://kevin.vanzonneveld.net/techblog/article/block_brute_force_attacks_with_iptables/
