Franck Joncourt wrote:
> On Thu, Apr 19, 2007 at 09:18:45PM -0700, John L Fjellstad wrote:
>> Jim Hyslop <[EMAIL PROTECTED]> writes:
[...]
>> iptables -A INPUT -i ethLRZ -p tcp --dport 22 -m state --state NEW \
>> -m recent --set --name SSH
[...]
>> but that didn't throttle back the attempts. I tried '-i eth0' instead of
>> ethLRZ, but no effect.
>
> What do you mean you tried *-i eth0* ?

sed s/ethLRZ/eth0/ in the iptables command above.

> You have defined ethLRZ, haven't you ?

I have no idea. I just entered the rules as found in the blog. I assumed 'LRZ' was simply a place-holder for the actual interface number, as the iptables man page examples use '-i eth0' and not '-i ethLRZ'.

I just googled ethLRZ, and other than the original blog and this thread, found nothing. The man page doesn't mention it either. So, what is it, and how do I know if it's defined?

> You may have forgotten to set your default policy. According to what you
> wrote, your default policy is ACCEPT for INPUT, FORWARD, and OUTPUT
> chains. This is not safe, since you accept all incoming and outgoing
> traffic.

Well, I hope I don't sound cavalier about this, but until I added the above rules, I wasn't even running iptables. The machine is behind a hardware firewall, on a home network. Only the ssh port is open on the firewall. The ssh daemon is configured only to accept public key authentication.

What else can I do on the input side? On the output side, I really can't think of any rules that would make sense. What IP addresses would I block access to? The machine isn't configured to forward anything, so that's not (or shouldn't be) an issue.

-- 
Jim Hyslop
Dreampossible: Better software. Simply. http://www.dreampossible.ca
Consulting * Mentoring * Training in C/C++ * OOD * SW Development & Practices * Version Management
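Added example, not part of the original message: iptables does not check that the name after `-i` belongs to an existing interface, and a rule naming one that does not exist never matches a packet, so one way to answer "how do I know if it's defined?" is to compare the names used in the rules with the kernel's interface list. The function names and the use of `/sys/class/net` (Linux) are choices made for this sketch.

```shell
#!/bin/sh
# Print each interface named by -i / --in-interface in the iptables
# rule lines read from stdin (old "-i ! name" negation is skipped over).
rule_ifaces() {
    awk '{
        for (i = 1; i < NF; i++)
            if ($i == "-i" || $i == "--in-interface") {
                n = $(i + 1)
                if (n == "!" && i + 2 <= NF) n = $(i + 2)
                print n
            }
    }' | sort -u
}

# Read rule lines on stdin; print the names that have no entry under
# the directory given as $1 (default: /sys/class/net, the Linux list).
undefined_ifaces() {
    sysdir=${1:-/sys/class/net}
    rule_ifaces | while read -r name; do
        case $name in
            *+) # trailing "+" is iptables' prefix wildcard (eth+ = eth0, eth1, ...)
                set -- "$sysdir/${name%+}"*
                [ -e "$1" ] || printf '%s\n' "$name" ;;
            *)  [ -e "$sysdir/$name" ] || printf '%s\n' "$name" ;;
        esac
    done
}

# Constructed input: the rule quoted in the message, joined onto one line.
printf '%s\n' 'iptables -A INPUT -i ethLRZ -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH' |
    undefined_ifaces
```

Any name it prints appears in a rule but not on the machine; `ip link show` lists the names that do exist.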