Mailinglist Archive: opensuse (933 mails)
| < Previous | Next > |
Re: [opensuse] Howto restrict number of sshd sessions per minute
- From: "Carlos E. R." <robin.listas@xxxxxxxxxxxxxx>
- Date: Wed, 9 Jun 2010 19:16:54 +0200 (CEST)
- Message-id: <alpine.LSU.2.00.1006091915120.5477@xxxxxxxxxxxxxxxx>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thursday, 2010-06-10 at 01:06 +0800, Otto Rodusek wrote:
Make sure you don't open ssh somewhere else; FW_SERVICES_EXT_*, FW_TRUSTED_NETS take precedence over FW_SERVICES_ACCEPT_EXT.
- -- Cheers,
Carlos E. R.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
iEYEARECAAYFAkwPzI0ACgkQtTMYHG2NR9WcMgCcDxT81UtsXe8SIO4LUZ4h+yeg
ilwAn1Uzwg03hS+r74yd6Ct/T2PhZB0+
=mRHe
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
Hash: SHA1
On Thursday, 2010-06-10 at 01:06 +0800, Otto Rodusek wrote:
I've read the docs and have modified /etc/sysconfig/SuSEfirewall2 (FW_SERVICES_ACCEPT_EXT="0/0,tcp,22") to (FW_SERVICES_ACCEPT_EXT="0/0,tcp,22,,hitcount=5,blockseconds=60,recentname=ssh").
If I check my logs I can still see that MANY sshd login attempts still happen within the 60 seconds.
Make sure you don't open ssh somewhere else; FW_SERVICES_EXT_*, FW_TRUSTED_NETS take precedence over FW_SERVICES_ACCEPT_EXT.
- -- Cheers,
Carlos E. R.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
iEYEARECAAYFAkwPzI0ACgkQtTMYHG2NR9WcMgCcDxT81UtsXe8SIO4LUZ4h+yeg
ilwAn1Uzwg03hS+r74yd6Ct/T2PhZB0+
=mRHe
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
| < Previous | Next > |