Mailinglist Archive: opensuse (933 mails)

[Otto Rodusek <otto@xxxxxxxxxxxxxx>]

Istvan Gabor wrote:
> 2010. június 9. 19:06 napon Otto Rodusek <otto@xxxxxxxxxxxxxx> írta:
>
>   
> > Hi ListMates,
> >
> > I'm trying to resolve a problem with Susefirewall2 that I've had for 
> > some time and I'm hoping to get a resolution if possible. I'm trying 
> > this on a Dell Server T110 using opensuse linux 11.2 - uname:  Linux 
> > bunyip 2.6.31.12-0.2-desktop #1 SMP PREEMPT 2010-03-16 21:25:39 +0100 
> > i686 i686 i386 GNU/Linux.
> >
> > I'm trying to restrict the number of sshd login attempts to only 5 per 
> > minute and no more.
> >     
>
> Hello:
>
> This is not an exact answer to your question but there is an article here which 
> is related:
> http://www.novell.com/communities/node/8395/further-securing-opensuse-111-against-ssh-script-attacks
>
> Another one is here:
> http://en.opensuse.org/SSH_systematic_attack_protection
>
> Maybe you can use them.
>
> Istvan
>
>   
Hi Istvan,

Thanks for your feedback. I already have additional safeguards against 
attacks (I have a perl prog that monitors /var/log/messages & other logs 
and locks out perps). I'm just curious why iptables won't honor the:

FW_SERVICES_ACCEPT_EXT="0/0,tcp,22,,hitcount=5,blockseconds=60,recentname=ssh"

It's more a nagging issue than anything else.

Again thanks for your feedback.

Best regards. Otto.
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx