1

Prevent SSH attacks

view story
linux-howto

http://serverfault.com – I'm trying to setup iptables rules to only allow 3 attempts by an IP per minute to connect to the servir via SSH, and drop all the connections after to prevent SSH attacks; but it seems i'm doing something wrong! -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m recent --set --name DEFAULT --rsource -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 3 --name DEFAULT --rsource -j DROP -A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT Thanks (HowTos)