Mailinglist Archive: opensuse (933 mails)
| < Previous | Next > |
Re: [opensuse] Howto restrict number of sshd sessions per minute
- From: Togan Muftuoglu <toganm+suse@xxxxxxxxxxxx>
- Date: Wed, 09 Jun 2010 20:19:15 +0200
- Message-id: <4C0FDB23.5020708@xxxxxxxxxxxx>
Otto Rodusek wrote:
remove sshd from here.
Also normally you would not allow samba-client samba-server in external
Interface.
If you have DMZ interface configured and you want to allow ssh to your
DMZ then fine
If you are allowing ssh connections to your firewall from your internal
network then fine
This is the one that gives the controlling of how many connections
Hope this helps
Togan
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
Hmmm...another follow up to Carlos email got me searching and I found 3
additional references to sshd :
FW_CONFIGURATIONS_EXT="apache2 apache2-ssl postfix samba-client
samba-server sshd vsftpd"
remove sshd from here.
Also normally you would not allow samba-client samba-server in external
Interface.
FW_CONFIGURATIONS_DMZ="sshd"
If you have DMZ interface configured and you want to allow ssh to your
DMZ then fine
FW_CONFIGURATIONS_INT="sshd"
If you are allowing ssh connections to your firewall from your internal
network then fine
# Allow max three ssh connects per minute from the same IP address:
# "0/0,tcp,22,,hitcount=3,blockseconds=60,recentname=ssh"
FW_SERVICES_ACCEPT_EXT="0/0,tcp,22,,hitcount=5,blockseconds=60,recentname=ssh"
This is the one that gives the controlling of how many connections
Hope this helps
Togan
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
| < Previous | Next > |