Mailing List Archive



Re: [tlug] Blocking bad sshd bruteforce attempt



2006/7/11, Stephen J. Turnbull <stephen@example.com>:
>>>>> "Hung" == Hung Vu Nguyen <vuhung16plus@example.com> writes:

    Hung> I don't worry about that because 'he' is just bruteforcing
    Hung> me. My sshd is secured by /etc/hosts.allow.

# this is unlikely to work for you out of the box,
# but I only have one host per line in my hosts.allow ;-)
# cut -b5- drops the 4-byte "ssh:" prefix and keeps the rest of the line
for i in `grep ^ssh /etc/hosts.allow | cut -b5-`; do
  iptables -A INPUT -p tcp --dport ssh -s $i -j ACCEPT
done
# anything not accepted above is refused
iptables -A INPUT -p tcp --dport ssh -j REJECT

That will work in the case of one IP per line. My setting is like this:

ssh: 213.167. 59.95. 130.153. 192.168.1. some.hostname

So it will take some more time to deploy your idea :D

--
Best Regards,
Nguyen Hung Vu
vuhung16plus{remove}@example.com
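
An added example, not part of the original message: one way to handle the multi-entry line quoted above, where tcp_wrappers prefix patterns such as `192.168.1.` have to become CIDR blocks before iptables will accept them. The function names `pattern_to_source` and `hosts_allow_to_rules` are hypothetical, the `ssh:` daemon prefix is taken from the thread, and the second sample line is constructed.

```shell
#!/bin/sh
# Added example (not from the thread): turn tcp_wrappers client patterns
# into iptables source specs. Rules are printed for review, not applied.

# Map one hosts.allow client pattern to a value iptables -s accepts.
# Returns 1 for patterns that have no iptables equivalent.
pattern_to_source() {
  case "$1" in
    ''|.*|\[*|/*|*@*|*[*?]*|ALL|LOCAL|KNOWN|UNKNOWN|PARANOID|EXCEPT)
      return 1 ;;                        # suffix, IPv6, file, user@, wildcard
    *[!0-9.]*)
      printf '%s\n' "$1"; return 0 ;;    # hostname or net/mask: pass through
    *.) ;;                               # numeric prefix, expanded below
    *)
      printf '%s\n' "$1"; return 0 ;;    # complete dotted-quad address
  esac
  prefix=${1%.}
  case "$prefix" in
    *.*.*.*) return 1 ;;                 # more than three fields: malformed
    *.*.*)   printf '%s.0/24\n' "$prefix" ;;
    *.*)     printf '%s.0.0/16\n' "$prefix" ;;
    *)       printf '%s.0.0.0/8\n' "$prefix" ;;
  esac
}

# Read hosts.allow-style text on stdin and print one ACCEPT rule per usable
# client pattern on the ssh lines, then the final REJECT from the thread.
hosts_allow_to_rules() {
  grep '^ssh' | cut -d: -f2 | tr -s ', \t' '\n\n\n' | while read -r pat; do
    [ -n "$pat" ] || continue
    if src=$(pattern_to_source "$pat"); then
      echo "iptables -A INPUT -p tcp --dport ssh -s $src -j ACCEPT"
    else
      echo "# skipped (no iptables equivalent): $pat"
    fi
  done
  echo "iptables -A INPUT -p tcp --dport ssh -j REJECT"
}

# Sample input: the line from the post plus a constructed suffix pattern.
hosts_allow_to_rules <<'EOF'
ssh: 213.167. 59.95. 130.153. 192.168.1. some.hostname
ssh: .example.com
EOF
```

iptables resolves a hostname once, when the rule is inserted, whereas tcp_wrappers checks the client at each connection, so a hostname entry carried over this way stops matching if the host's address changes.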

