[Gllug] limiting ssh zombie login attempts
Sean Burlington
sean at uncertainty.org.uk
Tue Oct 19 13:37:24 UTC 2004
Martin A. Brooks wrote:
> On Tue, 2004-10-19 at 14:04, Andre Newman wrote:
>
>>>Using iptables' 'limit' match to limit SSH connections to two every 5
>>>minutes should work reasonably well - it'd take a very long time to try
>>
>>I'm using
>>-m state --state NEW -m limit --limit 5/min --limit-burst 2 -j ACCEPT
>
>
> That looks like a very effective method of being locked out of your own
> server :)
>
which is exactly the problem I used to have with a box I helped look
after ...
which wouldn't have been so bad if we had physical access
as it was the firewall script had to be left out of the initscripts as
the only way we could get back in was to reboot !
...paranoia leading to hopeless insecurity
(political parallels not too hard to draw)
--
Sean
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
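The lock-out described in this thread, as an added example that is not part of the original messages: a small model of the quoted rule (`--limit 5/min --limit-burst 2`) as a single shared token bucket, compared with one bucket per source address. The per-source variant is not from the thread (it is the behaviour iptables' hashlimit match offers in srcip mode); the addresses, the traffic pattern, and the fall-through to DROP are assumptions.

```python
# Added illustration; traffic pattern and addresses below are constructed.
COST_MS = 60_000 // 5      # --limit 5/min: one credit regained every 12 s
BURST = 2                  # --limit-burst 2: bucket holds at most 2 credits


class Bucket:
    """Token bucket in the style of the iptables 'limit' match."""

    def __init__(self):
        self.credit = BURST * COST_MS   # starts full
        self.last = 0

    def allow(self, now_ms):
        self.credit = min(BURST * COST_MS, self.credit + now_ms - self.last)
        self.last = now_ms
        if self.credit >= COST_MS:      # match: rule jumps to ACCEPT
            self.credit -= COST_MS
            return True
        return False                    # no match: assumed to fall through to DROP


def simulate(events, per_source):
    """events: (time_ms, source) NEW connections. Returns accepted count per source."""
    shared, buckets, accepted = Bucket(), {}, {}
    for now_ms, src in sorted(events):
        bucket = buckets.setdefault(src, Bucket()) if per_source else shared
        accepted.setdefault(src, 0)
        if bucket.allow(now_ms):
            accepted[src] += 1
    return accepted


def sample_events():
    """Constructed 10-minute window: one scanner, one admin."""
    scanner = [(t * 1000, "203.0.113.7") for t in range(600)]           # 1 attempt/s
    admin = [(30_500 + m * 60_000, "198.51.100.4") for m in range(10)]  # 1 attempt/min
    return scanner + admin


if __name__ == "__main__":
    for per_source in (False, True):
        label = "per-source" if per_source else "global limit"
        print(label, simulate(sample_events(), per_source))
```

With the shared bucket the scanner's steady attempts take every credit as it is regained, so none of the admin's ten attempts is accepted; with per-source buckets all ten are.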