Re: Hacks
- From: Andy Burns <usenet.oct2006@xxxxxxxxxxxxxx>
- Date: Wed, 28 Feb 2007 16:45:39 +0000
On 28/02/2007 09:32, Paul Martin wrote:
# For outsiders, rate-limit and enjoy
iptables -A INPUT -p tcp -m tcp --dport ssh \
-m state --state NEW \
-m recent --hitcount 3 --seconds 180 --update -j DROP
# Allow first attempts through
iptables -A INPUT -p tcp -m tcp --dport ssh \
-m state --state NEW \
-m recent --set -j ACCEPT
depends how constant the background level of chancers are, it allows them to DoS you in your hour of need.
.
- References:
- Hacks
- From: Simon Dean
- Hacks
