Thread: Failed SSH login attempts and how to avoid brute ssh attacks
View Single Post

  #10 (permalink)  
Old 12-20-2006, 03:34 AM
nixcraft's Avatar
nixcraft nixcraft is offline
Never say die
User
  
Join Date: Jan 2005
Location: BIOS
My distro: Ubuntu
Posts: 1,061
Rep Power: 10
nixcraft has a reputation beyond repute nixcraft has a reputation beyond repute nixcraft has a reputation beyond repute nixcraft has a reputation beyond repute nixcraft has a reputation beyond repute nixcraft has a reputation beyond repute nixcraft has a reputation beyond repute nixcraft has a reputation beyond repute nixcraft has a reputation beyond repute nixcraft has a reputation beyond repute nixcraft has a reputation beyond repute
Default
Here is the line from my pf firewall script
Code:
pass inet proto tcp from any to any port 22 keep state (max-src-conn-rate 5 / 60)
My pf limits the connection rate to port 22 to five per minute. You can set to 2 or anything else. It will stop attacker who is trying out attack on ssh server as my firewall blocks incoming request to 5.

For iptables see tutorial written by our friends @ debian-administration.org http://www.debian-administration.org/articles/187

@sweta
I do use CP for clients but personally I don't use any CP. I was not aware of csf firewall script or module. There are tons of such script exists.

@bin@ry
Hehe yes sometime I do write it from scratch

@monk
Buddy don't give us our secrets in public making money is not bad I guess :P
__________________
Vivek | My personal blog
Linux Evangelist
Play hard stay cool
Reply With Quote