Changes between Version 5 and Version 6 of SshSecuring


Timestamp:
May 18, 2017 11:16:06 AM (5 years ago)
Author:
fernando
Comment:

--

  • SshSecuring

    v5 v6  
    2727
    2828https://we.riseup.net/stefani/iptables-recent-module-and-hit-limits
     29http://thiemonagel.de/2006/02/preventing-brute-force-attacks-using-iptables-recent-matching/
     30https://www.netfilter.org/documentation/HOWTO/netfilter-extensions-HOWTO-3.html#ss3.16 Recent_patch 3.16
     31http://hostechs.com/2008/09/dropping-a-ddos-attack-using-ttl-and-length-in-iptables/
     32
     33
     34Rechaza aquellas ips que intantan 5 conexiones en las ultimos 60 s
    2935
    3036{{{
    3137-A INPUT -i eth0 -p tcp -m tcp --dport 22 -m state --state NEW -j SSHSCAN
    3238-A SSHSCAN -m recent --set --name SSH --rsource
    33 -A SSHSCAN -m recent --update --seconds 3600 --hitcount 5 --name SSH --rsource -j LOG --log-prefix "Anti SSH-Bruteforce: " --$
    34 -A SSHSCAN -m recent --update --seconds 3600 --hitcount 5 --name SSH --rsource -j DROP
     39-A SSHSCAN -m recent --update --seconds 60 --hitcount 5 --name SSH --rsource -j LOG --log-prefix "Anti SSH-Bruteforce: " --$
     40-A SSHSCAN -m recent --update --seconds 60 --hitcount 5 --name SSH --rsource -j DROP
    3541-A SSHSCAN -j ACCEPT
    3642
    3743}}}
    3844
    39 Para quitar una maquina:
     45Para quitar una maquina los datos de conexiones recientes:
    4046
    4147echo "-193.144.202.192" > /proc/self/net/xt_recent/SSH
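
Review bot: The added LOG rule on v6 line 39 still ends in a truncated option, "--log-prefix "Anti SSH-Bruteforce: " --$", carried over unchanged from v5 line 33. The trailing "--$" looks like an editor's line-cut marker, so the documented block is incomplete and a reader pasting it into a rules file gets a rule that will not parse. Restore the full option or end the line after the log prefix. In the new description on line 34, "intantan" should be "intentan". Because the --set rule on line 38 records the current packet before the "--hitcount 5" checks run, the fifth NEW connection inside the 60 s window is the one that gets logged and dropped, and saying so would make the threshold unambiguous. The reworded line 45, "Para quitar una maquina los datos de conexiones recientes:", reads as if it is missing "de" before "una maquina".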