limit ssh attempts
lfeder
lfeder-rieW9WUcm8FFJ04o6PK0Fg at public.gmane.org
Mon Nov 28 19:10:01 UTC 2005
I thought about accepting ssh from only specific IPs. However this would
prevent remote logins from a new location. And you know how that is. Just
when you absolutely need to login remotely, your own server locks you out.
So I figured on plan B. To limit the amount of bad SSH attempts. I used to
see hundreds of bad sshd attempts on all kinds of servers. No one needs
this. Thus I found these iptables that prevent multiple ssh attempts and
DROP them like a bad habit.
BTW,
I always make important passwords with a lot of alphanumerics.
I don't think uppercase/lowercase and all kinds of complexity is that
important, rather just keep it out of the normal dictionary.
As always, I welcome feedback and improvements.
/teddy
-----------------------------------
[root@vger4 log]# cd /scripts/
[root@vger4 scripts]# more limitssh
#!/bin/sh
#limit incoming connections to port 22 to 3 per minute
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent \
  --set
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent \
  --update --seconds 60 --hitcount 4 -j DROP
[root@vger4 scripts]#
--
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
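An added example, not part of the original post: a simplified Python model of how the two `recent` rules above treat new connections from a single source address, useful for checking what the script will do before loading it. The function names, the `ATTEMPTS` sample and the `--rcheck` comparison are assumptions made for illustration; only `--seconds 60` and `--hitcount 4` come from the script.

```python
SECONDS, HITCOUNT = 60, 4  # --seconds / --hitcount from the posted script

def recent_hits(stamps, now):
    """Count stored timestamps that fall inside the --seconds window."""
    return sum(1 for t in stamps if now - t <= SECONDS)

def simulate(attempts, update_first=True, refresh_on_drop=True):
    """Verdict per NEW connection from one source address (simplified model).

    update_first=True is the order the posted script produces: each -I inserts
    at the top of INPUT, so the --update rule sits above the --set rule.
    refresh_on_drop=True models --update; False models --rcheck, which only
    checks the list and never adds a timestamp.
    """
    stamps, verdicts = [], []
    for now in attempts:
        if not update_first:
            stamps.append(now)                  # --set rule evaluated first
        if recent_hits(stamps, now) >= HITCOUNT:
            if refresh_on_drop:
                stamps.append(now)              # --update re-stamps on match
            verdicts.append("DROP")
            continue
        if update_first:
            stamps.append(now)                  # --set rule evaluated second
        verdicts.append("PASS")                 # continues down the INPUT chain
    return verdicts

# Constructed sample: one source retrying every 8 s for about 3 minutes,
# then coming back once after more than a minute of silence.
ATTEMPTS = list(range(0, 180, 8)) + [300]

if __name__ == "__main__":
    for label, kwargs in [
        ("as posted (-I, --update)", {}),
        ("--set evaluated first", {"update_first": False}),
        ("--rcheck instead of --update", {"refresh_on_drop": False}),
    ]:
        row = " ".join(v[0] for v in simulate(ATTEMPTS, **kwargs))
        print(f"{label:30s} {row}")
```

Run as posted, the model passes the first four attempts and then drops every later one until the source stays quiet for more than 60 seconds. With `--rcheck` the same source gets through again each time the window slides, because dropped attempts are not recorded.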