Ludwig Nussel wrote:
Otto Rodusek (AP-SGP) wrote:
I'm a bit confused with Susefirewall. I have had a number of robot attacks against sshd so I set the following rule in SuSefirewall to limit the number of allowable sshd logins per 60 second period:
FW_SERVICES_ACCEPT_EXT="0/0,tcp,22,,hitcount=3,blockseconds=60,recentname=ssh"
Provided that your network interface is in the external zone this should work fine.
cu Ludwig
Hi Ludwig, Yes my interface is indeed in the external zone. From my log files (as per below) I can see that it does not however work . I'm not sure what to try next to make it work!! Rgds. Otto. [hundreds of such lines] Mar 10 01:32:54 sshd[19890]: Invalid user patrick from 222.156.220.25 Mar 10 01:32:56 sshd[19892]: Invalid user patrick from 222.156.220.25 Mar 10 01:33:09 sshd[19904]: Invalid user rolo from 222.156.220.25 Mar 10 01:33:11 sshd[19906]: Invalid user iceuser from 222.156.220.25 Mar 10 01:33:12 sshd[19908]: Invalid user horde from 222.156.220.25 Mar 10 01:33:14 sshd[19910]: Invalid user cyrus from 222.156.220.25 Mar 10 01:33:16 sshd[19912]: Invalid user www from 222.156.220.25 --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org