Network Security: Detailed info on Re: Banning SSH attackers

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Secure-Shell

[Top] [All Lists]

Re: Banning SSH attackers

from [calvin] Network Security

[Permanent Link]

Subject:	Re: Banning SSH attackers
Date:	Fri, 21 Oct 2005 23:42:23 -0700

check into iptables. assuming that you're on a linux or unix box. man
iptables. using iptables you can limit attempts or so many connections
from a single IP. after so many attempts and connections, it won't allow
anymore connections or attempts for a specified amount of time. 

both the rulles following will limit to 5 connections every minute on
port 22, dropping every attempt after that. every connection is 

iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m
recent --set

iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m
recent --update --seconds 60 --hitcount 5 -j DROP

so after bruteforce attack, after the 4th attempt within a minute the
connections will be dropped. you can modify the numbers and rules. also
use google for for iptables and ssh securing.

signature.asc
Description: This is a digitally signed message part

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Banning SSH attackers, Paul Berube Re: Banning SSH attackers, Ben Ford Re: Banning SSH attackers, Ken Garland Re: Banning SSH attackers, Raphaël Marichez Re: Banning SSH attackers, Nate Smith Re: Banning SSH attackers, calvin <= Re: Banning SSH attackers, Camron W. Fox Re: Banning SSH attackers, Paul Berube Re: Banning SSH attackers, Christophe Garault Re: Banning SSH attackers, Alex Gottschalk Re: Banning SSH attackers, Eldon Ziegler

Previous by Date:	Re: Banning SSH attackers, Nate Smith
Next by Date:	Re: Banning SSH attackers, Camron W. Fox
Previous by Thread:	Re: Banning SSH attackers, Nate Smith
Next by Thread:	Re: Banning SSH attackers, Camron W. Fox
Indexes:	[Date] [Thread] [Top] [All Lists]