On Tue, 2011-11-22 at 23:52 -0500, jdow wrote:
> ===8<---
> $IPTABLES -A INPUT -p tcp --syn --dport 22 -m recent --name sshattack --set
> $IPTABLES -A INPUT -p tcp --dport 22 --syn -m recent --name sshattack \
>--rcheck --seconds 180 --hitcount 2 -j LOG --log-prefix 'SSH REJECT: ' \
>--log-
Thank you, much appreciated
Roger
> You might look at this functionality. Check out your man pages for any
> interpretation you need.
>
> ===8<---
> $IPTABLES -A INPUT -p tcp --syn --dport 22 -m recent --name sshattack --set
> $IPTABLES -A INPUT -p tcp --dport 22 --syn -m recent --name sshattack \
You might look at this functionality. Check out your man pages for any
interpretation you need.
===8<---
$IPTABLES -A INPUT -p tcp --syn --dport 22 -m recent --name sshattack --set
$IPTABLES -A INPUT -p tcp --dport 22 --syn -m recent --name sshattack \
--rcheck --seconds 180 --hitcount 2 -j LOG
Am 13.11.2011 01:52, schrieb Roger:
> On Sat, 2011-11-12 at 20:37 +0100, Heinz Diehl wrote:
>> On 12.11.2011, Roger wrote:
>>
>>> Is there a way to limit:
>>> -number of log in attempts to 2,
>>> -the duration of a log in attempt to 3 seconds or less
>>> -the number of times a username can be t
Am 12.11.2011 11:19, schrieb Roger:
> Is there a way to limit:
> -number of log in attempts to 2,
> -the duration of a log in attempt to 3 seconds or less
> -the number of times a username can be tried, prefer it set at 2 and
> then not again for 24 hours if it fails.
trivial
iptables -A INPUT
On 11/12/2011 04:52 PM, Roger wrote:
> I read about this and am concerned that if my computer dies and I
> replace mb or other components, the RSA key could be different and I
> won't be able to log in with the previous RSA.
> Not understanding the process made me a bit nervous.
The key is store
On Sat, 12 Nov 2011 18:20:18 -0700
T.C. Hollingsworth wrote:
> The "key" is just a file on your hard drive. As long as you back it
> up you'll be fine.
Yep. You can keep the same host key by backing up and restoring
all the files: /etc/ssh/*key*
I've been copying mine from release to release wh
On Sat, Nov 12, 2011 at 5:52 PM, Roger wrote:
> On Sat, 2011-11-12 at 20:37 +0100, Heinz Diehl wrote:
>> On 12.11.2011, Roger wrote:
>>
>> > Is there a way to limit:
>> > -number of log in attempts to 2,
>> > -the duration of a log in attempt to 3 seconds or less
>> > -the number of times a userna
On Sat, 2011-11-12 at 20:37 +0100, Heinz Diehl wrote:
> On 12.11.2011, Roger wrote:
>
> > Is there a way to limit:
> > -number of log in attempts to 2,
> > -the duration of a log in attempt to 3 seconds or less
> > -the number of times a username can be tried, prefer it set at 2 and
> > then not
> On 12.11.2011, Roger wrote:
>
>> Is there a way to limit:
>> -number of log in attempts to 2,
>> -the duration of a log in attempt to 3 seconds or less
>> -the number of times a username can be tried, prefer it set at 2 and
>> then not again for 24 hours if it fails.
> []
Here is what I use,
On 12.11.2011, Roger wrote:
> Is there a way to limit:
> -number of log in attempts to 2,
> -the duration of a log in attempt to 3 seconds or less
> -the number of times a username can be tried, prefer it set at 2 and
> then not again for 24 hours if it fails.
[]
Switch off login with passw
On Sat, 2011-11-12 at 04:03 -0700, T.C. Hollingsworth wrote:
> On Sat, Nov 12, 2011 at 3:19 AM, Roger wrote:
> > Is there a way to limit:
> > -number of log in attempts to 2,
> > -the duration of a log in attempt to 3 seconds or less
> > -the number of times a username can be tried, prefer it set
On Sat, Nov 12, 2011 at 3:19 AM, Roger wrote:
> Is there a way to limit:
> -number of log in attempts to 2,
> -the duration of a log in attempt to 3 seconds or less
> -the number of times a username can be tried, prefer it set at 2 and
> then not again for 24 hours if it fails.
"NumberOfPasswordP
On Sat, Nov 12, 2011 at 8:19 AM, Roger wrote:
> I'm learning about iptables...
> I find the same ip address sometimes 100 times or more and trying the
> same user name.
> After reading and applying much of the help in google I have tried and
> failed to achieve a successful result.
>
> for example
I'm learning about iptables...
I find the same ip address sometimes 100 times or more and trying the
same user name.
After reading and applying much of the help in google I have tried and
failed to achieve a successful result.
for example: /var/log/btmp shows:
user ssh:notty Thu Nov 10 17:10 - 1
15 matches
Mail list logo
