Search:

I've noticed that I am recently getting more and more of the following in my error log. Should I ban those ip's with iptables? Thoughts?



[Sun Jan 26 07:48:58 2014] [error] [client...

Hey I just tried this on my local Ubuntu Server to test it out. Before adding the rule I could SSH to my local machine. After adding the rule and then attempting to access it 3 times I got the...

so SeijiSensei help the newbie out here. Again I'm a programmer of some 30 years and have been playing around with Ubuntu for a little over a year and am now doing remote admin of a server via SSH. ...

Thanks, I think I'll move towards that. Being a newbie to Ubuntu and remote servers (just over a year now), I guess I'm worried that if my ISP changes my home IP then I won't be able to get into the...

Anyone?

Hi, I'm a 30 year developer but only 2 years doing system admin for a Ubuntu Server hosted at GoDaddy. I would like to upgrade the server to the latest LTS and have a few questions.
...

Lars listed 2 interesting posts.

According to them we should use REJECT rather than DROP.

Comments?

Thanks again Doug.

So will this stop these attacks or only those ssh's on port 22?


Failed password for root from 61.191.61.2 port 45805 ssh2
pam_unix(sshd:auth): authentication failure;...

Thanks Doug this is now becoming a bit more clear. I still want to be sure I know everything I'm doing first.

So if I go to the command line and issue

sudo iptables -A INPUT -m recent...

Thanks Doug. My only question is then

My "ESTABLISHED, RELATED" bypass of these rules is earlier in my rules INPUT chain.

What does that mean ? I have not added any rules to my INPUT chain...

Its been suggested that I use the following but not wure what the first line does:


Alternately you may learn to use iptables. Iptables has several additional features including the ability to...