Re: [rlug] filtre iptables automate

Mon, 27 Aug 2007 06:28:15 -0700 

lonely wolf wrote:

Catalin Catana wrote:

Salut,



iptables -A SSH_Brute_Force -j TARPIT
Nu toata lumea are target tarpit in kernel :) . Desi e frumos, nu se aplica la oricine. 

For the record , eu folosesc satisfacut :

iptables -A INPUT -i _eth0_ -p tcp --dport 22 -m state --state NEW -m recent 
--update --seconds 60 --hitcount 3 --rttl --name SSH -j DROP (nesimtit)

si de siguranta pam-abl ( http://www.hexten.net/wiki/index.php/Pam_abl ).
Merge, inca nu mi-am dat peste dejte singur. Deci e bine. 
Dragos





______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ 

_______________________________________________
RLUG mailing list
RLUG@lists.lug.ro
http://lists.lug.ro/mailman/listinfo/rlug

Raspunde prin e-mail lui