I did a little digging through my various notes and found the following for limiting SSH connections:

simply limit the number of connections a host is allowed to the ssh port

iptables -N SSHSCAN
# send every NEW tcp/22 connection through the SSHSCAN chain
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j SSHSCAN
# record the source address (and time) in the "SSH" recent list
iptables -A SSHSCAN -m recent --set --name SSH
# drop if the source has hit this chain 3 or more times in the last 300 s
iptables -A SSHSCAN -m recent --update --seconds 300 --hitcount 3 --name SSH -j DROP

limits each host to 3 connections within 5 minutes. Enough to make bots stop
and still not too annoying for users who mistype their password 3x3 times

======================

But when you 'hand edit' iptables, the firewall gui gets 'upset'. Also you would need similar rules for ip6tables.


--
users mailing list
users@lists.fedoraproject.org
