Originally Posted by inphektion
so they just can't pound on you.
Port 22 is fine. But you can use IP tables to throttle bruteforce attacks.
Code:
ip6tables -N SSH; # create chain
iptables -N SSH; # create chain
# send all incoming SSH traffic to SSH chain
ip6tables -I INPUT -i eth0 -p tcp --destination-port 22 -m state --state NEW -j SSH;
iptables -I INPUT -i eth0 -p tcp --destination-port 22 -m state --state NEW -j SSH;
# alternative using the limit module instead of the SSH chain (left commented out, not used here)
# iptables -I INPUT -p TCP -m state --state NEW -m limit --limit 30/minute --limit-burst 5 -j ACCEPT
# add host to "recent" list and accept the new connection
ip6tables -I SSH -m recent --set --name SSHLIMIT -j ACCEPT;
iptables -I SSH -m recent --set --name SSHLIMIT -j ACCEPT;
# allow finite number of new connections per time limit: reject a source that already
# has 4 hits in the last 60 seconds (-I inserts this rule ahead of the ACCEPT rule above)
ip6tables -I SSH -m recent --update --seconds 60 --hitcount 4 --name SSHLIMIT -j REJECT
iptables -I SSH -m recent --update --seconds 60 --hitcount 4 --name SSHLIMIT -j REJECT
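To see what the two `recent` rules above do to a stream of connection attempts, here is a small Python model of the xt_recent match (an added example, not part of inphektion's post and not iptables code): it replays constructed attempts through the SSH chain in the order the `-I` commands leave it and returns each verdict. The source addresses and timings are constructed assumptions; the stamp-counting logic follows the kernel's xt_recent `--set`/`--update` behaviour.

```python
from collections import defaultdict


class RecentList:
    """One '--name' list of the recent match: per-address packet timestamps."""
    def __init__(self, max_stamps=20):  # 20 = xt_recent ip_pkt_list_tot default
        self.max_stamps = max_stamps
        self.stamps = defaultdict(list)

    def _record(self, addr, now):
        lst = self.stamps[addr]
        lst.append(now)
        if len(lst) > self.max_stamps:  # ring buffer: oldest stamp is dropped
            del lst[0]

    def set(self, addr, now):
        """'--set': always matches and records the packet time."""
        self._record(addr, now)
        return True

    def update(self, addr, now, seconds, hitcount):
        """'--update --seconds S --hitcount N': match if the address already has
        N or more stamps in the last S seconds. The current packet is recorded
        only on a match, so a blocked host that keeps knocking stays blocked."""
        if addr not in self.stamps:
            return False
        hits = sum(1 for t in self.stamps[addr] if now - t <= seconds)
        if hits >= hitcount:
            self._record(addr, now)
            return True
        return False


def ssh_chain_verdict(recent, addr, now, seconds=60, hitcount=4):
    """Walk the SSH chain in the order the '-I' commands above leave it: the
    REJECT rule was inserted last, so it is evaluated before the ACCEPT rule."""
    if recent.update(addr, now, seconds, hitcount):
        return "REJECT"
    recent.set(addr, now)  # record this NEW connection and let it through
    return "ACCEPT"


def simulate(attempts, seconds=60, hitcount=4):
    """attempts: chronological (time_in_seconds, source_addr) pairs, one per NEW
    SSH connection (established sessions never reach this chain)."""
    recent = RecentList()
    return [ssh_chain_verdict(recent, a, t, seconds, hitcount) for t, a in attempts]


# Constructed traffic: one host knocking once a second (expect ACCEPT x4, then
# REJECT x6) and one host opening three sessions 20 s apart (expect ACCEPT x3).
BRUTE = [(t, "198.51.100.7") for t in range(10)]
LEGIT = [(0, "203.0.113.5"), (20, "203.0.113.5"), (40, "203.0.113.5")]
```

With the post's numbers this works out to 4 new connections per source per 60 seconds, the fifth and later ones rejected until that source stays quiet for a full 60 seconds; the commented-out `--limit` alternative above is not modelled.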