Using hashlimit to foil SSH bruteforce attempts

Add this to the iptables ruleset:


iptables -A INPUT -m hashlimit -m tcp -p tcp --dport 22 --hashlimit 1/min --hashlimit-mode srcip --hashlimit-name ssh -m state --state NEW -j ACCEPT

The rule limits one connection to the SSH port from one IP address per minute.


For more information, man iptables and iptables -m hashlimit --help.


Reference: https://www.redhat.com/archives/fedora-test-list/2005-August/msg00061.html

Comments

Post a Comment

Popular posts from this blog

Pull files off Android phone

Image
This assumes you have Android Debug Bridge (ADB) installed. This will pull all files from a directory in an Android phone. cd /path/to/destination/directory adb pull /path/to/source . As Julian says, "Easy-peasy, lemon squeezy." (I use this, by the way, since the Nexus 5 and OS X Mavericks refuse to work together in USB mode.)
Read more