Iptables rules to block brute-force attacks on OpenSSH

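# INPUT chain: SSH connections to this host.
# Record the source address of every new SSH connection attempt (SYN).
iptables -A INPUT -p tcp --syn --dport 22 -m recent --name sshattack --set

# Log sources that reach 3 attempts within 60 seconds.
iptables -A INPUT -p tcp --dport 22 --syn -m recent --name sshattack \
  --rcheck --seconds 60 --hitcount 3 -j LOG --log-prefix 'SSH REJECT: '

# Reject those attempts with a TCP reset.
iptables -A INPUT -p tcp --dport 22 --syn -m recent --name sshattack \
  --rcheck --seconds 60 --hitcount 3 -j REJECT --reject-with tcp-reset

# FORWARD chain: the same three rules for SSH traffic routed through this host.
iptables -A FORWARD -p tcp --syn --dport 22 -m recent --name sshattack \
  --set

iptables -A FORWARD -p tcp --dport 22 --syn -m recent --name sshattack \
  --rcheck --seconds 60 --hitcount 3 -j LOG --log-prefix 'SSH REJECT: '

iptables -A FORWARD -p tcp --dport 22 --syn -m recent --name sshattack \
  --rcheck --seconds 60 --hitcount 3 -j REJECT --reject-with tcp-reset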
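
An added example (not part of the original post): a shell function that tallies, per source address, the SYNs logged under the `SSH REJECT: ` prefix by the LOG rules above. The sample log lines are constructed and the function names are hypothetical; it assumes the usual netfilter LOG line layout with a `SRC=` field.

```shell
#!/bin/sh
# Added example: summarise kernel log entries written by the LOG rules above.
# Assumption: standard netfilter LOG layout, whitespace-separated KEY=value fields.

# Constructed sample log lines (documentation address ranges, not real traffic).
sample_log() {
cat <<'EOF'
Jan 10 12:00:01 fw kernel: SSH REJECT: IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 LEN=60 TTL=52 PROTO=TCP SPT=51234 DPT=22 SYN URGP=0
Jan 10 12:00:02 fw kernel: SSH REJECT: IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 LEN=60 TTL=52 PROTO=TCP SPT=51240 DPT=22 SYN URGP=0
Jan 10 12:00:03 fw kernel: OTHER DROP: IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.10 LEN=60 TTL=50 PROTO=TCP SPT=40000 DPT=80 SYN URGP=0
Jan 10 12:00:04 fw kernel: SSH REJECT: IN=eth0 OUT=eth1 SRC=198.51.100.20 DST=192.0.2.30 LEN=60 TTL=49 PROTO=TCP SPT=33000 DPT=22 SYN URGP=0
Jan 10 12:00:05 fw kernel: SSH REJECT: IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 LEN=60 TTL=52 PROTO=TCP SPT=51251 DPT=22 SYN URGP=0
EOF
}

# Read a kernel log on stdin and print "<count> <source>" for every source
# logged with the page's prefix, busiest source first.
ssh_reject_summary() {
    awk '
        /SSH REJECT: / {
            for (i = 1; i <= NF; i++)
                if ($i ~ /^SRC=/) { hits[substr($i, 5)]++; break }
        }
        END { for (ip in hits) print hits[ip], ip }
    ' | sort -k1,1nr -k2,2
}

# Print only the sources with at least $1 logged rejections,
# e.g. as candidates for a longer-lived block or a closer look.
ssh_reject_over() {
    ssh_reject_summary | awk -v min="$1" '$1 >= min { print $2 }'
}

sample_log | ssh_reject_summary
```

On a live system, feed the functions from wherever the kernel log lands, for example `dmesg` or the syslog file that receives kernel messages.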


By Jaccon
