[olug] Help w/ my server

Kevin sharpestmarble at gmail.com
Mon Jul 23 22:04:42 UTC 2012


On Mon, Jul 23, 2012 at 4:59 PM, Lou Duchez <lou at paprikash.com> wrote:
> On 7/23/2012 5:56 PM, Christopher Cashell wrote:
>> In your IPTables config, use the following line as your "allow ssh" line:
>>
>> -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m limit
>> --limit 1/min --limit-burst 4 -j ACCEPT
>>
>> Now you have built-in protection against brute-force attacks at the
>> kernel-level, without relying on an external program, or recognizing
>> the failed logins later via log watching.
>>
>
> That is swank, thank you!
Agreed, thank you.



More information about the OLUG mailing list