26 Mar
2006
26 Mar
'06
09:23
Damon Register wrote:
Another idea: use the "recent" module of iptables to automatically block repeated "polls". There was a brief thread in the security list time ago. I think I stumbled on that in googling around today. That sounds interesting but I suppose that I would have to use something newer than SuSE 9.0.
I've just now set it up on my gateway to see how it works - I haven't really been too bothered by the ssh dictionary-attacks, but what Carlos describes looks interesting and quite elegant. Oh, and this gateway is running SuSE 7.1 with kernel 2.4.27. So your SUSE 9.0 should be perfectly fine - maybe with a kernel and/or iptables update. /Per Jessen, Zürich