Mailinglist Archive: opensuse-factory (293 mails)
| < Previous | Next > |
Re: [opensuse-factory] sshd attacks blocked by default request
- From: "Rafael E. Herrera" <raffo@xxxxxxx>
- Date: Sat, 22 Jul 2006 23:55:18 -0400
- Message-id: <44C2F326.2020806@xxxxxxx>
Christian Boltz wrote:
> Hello,
>
> Am Sonntag, 16. Juli 2006 12:24 schrieb houghi:
>> As most people know, sshd attacks are very common. Also there are
>> various tools out there that can be used to block these attacks.
> [...]
>> It should be something that does not run with cron, as it is to slow
>> to run only each minute.
>
> The ipt_recent module can do this job without adding a new package:
> https://bugzilla.novell.com/show_bug.cgi?id=104602
Tried adding the suggested rules into
/etc/sysconfig/scripts/SuSEfirewall2-custom.
They don't seem to get loaded, the new rules don't show with 'iptables
--list'
They do load if you issue the commands manually after loading
SuSEfirewall2. The ipt_recent kernel module gets loaded.
Then I logged to a remote machine and attempted more than 4 connections
in rapid sequence and the rule didn't trigger.
Did I do something wrong?
Rafael
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-factory-unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory-help@xxxxxxxxxxxx
> Hello,
>
> Am Sonntag, 16. Juli 2006 12:24 schrieb houghi:
>> As most people know, sshd attacks are very common. Also there are
>> various tools out there that can be used to block these attacks.
> [...]
>> It should be something that does not run with cron, as it is to slow
>> to run only each minute.
>
> The ipt_recent module can do this job without adding a new package:
> https://bugzilla.novell.com/show_bug.cgi?id=104602
Tried adding the suggested rules into
/etc/sysconfig/scripts/SuSEfirewall2-custom.
They don't seem to get loaded, the new rules don't show with 'iptables
--list'
They do load if you issue the commands manually after loading
SuSEfirewall2. The ipt_recent kernel module gets loaded.
Then I logged to a remote machine and attempted more than 4 connections
in rapid sequence and the rule didn't trigger.
Did I do something wrong?
Rafael
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-factory-unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory-help@xxxxxxxxxxxx
| < Previous | Next > |