This was sent to me regarding the wiki. ---------- Forwarded message ---------- From: "Martin Koníček" <[email protected]> Date: Mar 7, 2013 4:44 AM Subject: mistake on Securing SSH To: <[email protected]> Cc:
Hi TImothy, I saw wiki http://wiki.centos.org/HowTos/Network/SecuringSSH and it is pretty good, but there is a mistake. *Instead of having* iptables -A INPUT -p tcp --dport 22 -m recent --set --name ssh --rsource iptables -A INPUT -p tcp --dport 22 -m recent ! --rcheck --seconds 60 --hitcount 4 --name ssh --rsource -j ACCEPT *You should have* iptables -A INPUT -p tcp --dport 22 *-m state --state NEW* -m recent --set --name ssh --rsource iptables -A INPUT -p tcp --dport 22 *-m state --state NEW* -m recent ! --rcheck --seconds 60 --hitcount 4 --name ssh --rsource -j ACCEPT Brgds. -- Martin
_______________________________________________ CentOS-docs mailing list [email protected] http://lists.centos.org/mailman/listinfo/centos-docs
