Hi, First of all, blocking specific IP addresses will offer no protection if the attack came from a public dial-in-ISP where the address may change every time. Even if the attacker always uses the same IP address (which would be very unwise) he might try the same stuff from a different location (with a different address). But if it helps you sleep better, add a custom iptables rule in /etc/sysconfig/scripts/SuSEfirewall2-custom and activate this script in the main config file. Better protection will be accomplished by explicitly securing the SSH service (and the other services as well). The default config is fairly secure, but can possibly be enhanced. For example, disable protocol 1 unless you really need it. Good night, Holger Am Dienstag, 29. Juli 2003 21:27 schrieb Nigel Gaylard:
Hi All
I would like to create a list of IP address's that should be denied all access to my server. I have currently 2 or 3 people making a deliberate effort to hack into my SSH port, and so I would like to deny them access to it at firewall level, as well as all other ports. I can't seem to find information in the Suse documentation on firewall2.
Many thanks
Nigel Gaylard