OpenVZ Forum: Support » iptables on VE0 to prevent SSH Attacks?

Home » General » Support » iptables on VE0 to prevent SSH Attacks? (

) 1 Vote

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

Re: iptables on VE0 to prevent SSH Attacks? [message #1644 is a reply to message #1122]

Fri, 17 February 2006 18:07

almahdi
Messages: 2
Registered: February 2006

Junior Member

You may want to limit the number of times each IP connects per second to SSH..

Most of those Attacks are script based, there is an easy way to block them, we've been using it for a while on our servers.

----
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set

iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 4 -j DROP
----
This will limit incoming connections to port 22 to no more than 3 attemps in a minute. Any more will be dropped.

You can adjust the numbers yourself to limit connections further.

Report message to a moderator

[Message index]

		iptables on VE0 to prevent SSH Attacks? By: phpfreak on Wed, 01 February 2006 15:18
		Re: iptables on VE0 to prevent SSH Attacks? By: phpfreak on Wed, 01 February 2006 15:40
		Re: iptables on VE0 to prevent SSH Attacks? By: kir on Wed, 01 February 2006 15:56
		Re: iptables on VE0 to prevent SSH Attacks? By: phpfreak on Wed, 01 February 2006 15:58
		Re: iptables on VE0 to prevent SSH Attacks? By: almahdi on Fri, 17 February 2006 18:07
		Re: iptables on VE0 to prevent SSH Attacks? By: kir on Fri, 17 February 2006 18:35

Previous Topic:	application templates?
Next Topic:	Config files

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Mon Jul 28 21:54:43 GMT 2025

Total time taken to generate the page: 0.43838 seconds