Second tip:

It does this by using simple Access List Rules which are included in the
two files /etc/hosts.allow and /etc/hosts.deny. Firstly allow access by
placing the following inside /etc/hosts.allow:

/etc/hosts.allow
# 1.2.3.0 secure network
sshd: 1.2.3.0/255.255.255.0

Then disallow all further access by placing this in /etc/hosts.deny:

/etc/hosts.deny
sshd: ALL

Third tip:

Change the absolute ssh port. For example 2122.




2015-04-03 17:01 GMT+03:00 Dan McAllister <q...@it4soho.com>:

>  On 4/2/2015 5:20 PM, Dave M wrote:
>
> This should make you smile
>
> I have just this minute finished an install of Centos7 to prepare for the
> qmail-toaster install.
>
> After the first update , and reboot, I logged in via ssh
>
> Up pops the security message:
>
> *There were 249 failed login attempts since the last successful login.*
>
> Thankfully the default firewall took care of them
>
> Just be careful doing installs with live external IP, and disabling the
> firewall until you are done
>
> Made me laugh : )
>
>
> Just a tip --
>
> Instead of leaving your SSH port open, put a connection limit on it:
>
> The following entries are from an iptables config file:
>
> -A INPUT -p tcp --dport   22 -m limit --limit 2/minute  -j ACCEPT
> -A INPUT -p tcp --dport   22 -j DROP
>
> You can fail your login attempt twice per minute, then you're dropped for
> the remainder of the minute.
> In most cases, they fail the login twice in like a 10-second period, fail
> a few more times (with unsuccessful connections this time) and finally quit
> -- blissfully unaware that they could try 2 more times in 60 seconds.
>
> The point is, if you're just fat-fingering your SSH password, no worries -
> wait 60 seconds....
> But if you're trying a brute-force attack, good luck -- instead of
> hundreds of tries per minute, you now get just 2...
>
> Needless to say, you can adjust to your own recipe...
>
> Dan McAllister
> IT4SOHO
>
>
> --
> IT4SOHO, LLC
> 33 - 4th Street N, Suite 211
> St. Petersburg, FL 33701-3806
>
> CALL TOLL FREE:
>   877-IT4SOHO
>
> 877-484-7646 Phone
> 727-647-7646 Local
> 727-490-4394 Fax
>
> We have support plans for QMail!
>
>
>
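
As an added illustration (not code from any poster in this thread), here is a simplified Python model of the `-m limit --limit 2/minute` rule pair quoted above. It assumes only new connection attempts reach the rule and that the iptables default `--limit-burst` of 5 applies, since the quoted rule sets none. The source addresses and timestamps are constructed. The limit match keeps one bucket for all sources, so the model shows an admin's attempt being dropped after a scanner has drained it.

```python
# Simplified token-bucket model of the iptables "limit" match.
# Assumption: each event is one new connection attempt to port 22.
from dataclasses import dataclass

DEFAULT_BURST = 5  # iptables default --limit-burst when the rule gives none


@dataclass
class LimitMatch:
    per_minute: float
    burst: int = DEFAULT_BURST

    def __post_init__(self):
        self.tokens = float(self.burst)  # bucket starts full
        self.last = None                 # time of the previous check

    def matches(self, now: float) -> bool:
        # Refill for the time elapsed since the last check, capped at burst.
        if self.last is not None:
            refill = (now - self.last) * self.per_minute / 60.0
            self.tokens = min(float(self.burst), self.tokens + refill)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True                  # rule 1 matches -> ACCEPT
        return False                     # falls through to rule 2 -> DROP


def run_chain(events, per_minute=2, burst=DEFAULT_BURST):
    """events: (seconds, source_ip) pairs. Returns (seconds, source, verdict)."""
    limit = LimitMatch(per_minute, burst)  # one bucket shared by every source
    return [(t, src, "ACCEPT" if limit.matches(t) else "DROP")
            for t, src in sorted(events)]


# Constructed sample: a scanner retries every 2 s, then an admin connects.
SCANNER = "203.0.113.7"    # documentation-range address, constructed
ADMIN = "198.51.100.10"    # documentation-range address, constructed
EVENTS = [(float(t), SCANNER) for t in range(0, 20, 2)]
EVENTS += [(21.0, ADMIN), (45.0, ADMIN), (200.0, ADMIN)]

if __name__ == "__main__":
    for t, src, verdict in run_chain(EVENTS):
        print(f"{t:6.1f}s  {src:<14} {verdict}")
```

Per-source limiting needs a different match, such as `hashlimit` or `recent`, rather than `limit`.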
