On Fri, 2007-04-20 at 16:03 +0300, Nick Demou wrote: > On 4/20/07, Roberto C. Sánchez <[EMAIL PROTECTED]> wrote: > > On Fri, Apr 20, 2007 at 12:47:20PM +0300, Nick Demou wrote: > > > [...] > > > Any other idea of simple measures that will keep as many attackers > > > away from the one and only service that is listening to the Internet? > > > > > Well, if which outbound ports are available is a real concern, then > > consider the following: > > > > - rate-limit new ssh connections (I use this) > > [this] will keep your logs from getting cluttered (and will also slow > > attackers down greatly so that they take longer to get to other people's > > machines). > do you mean to configure iptables in order to limit cons/min? > what rules do you use? any pointer to the web? Try: http://www.debian-administration.org/articles/187
