Here's how to limit the maximum ssh connection attempts to your server. This guards against brute force attacks.
The following 2 rules limit new incoming connections to port 22 to no more than 3 per minute from any one source address; the fourth and later attempts within that 60-second window are dropped:
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 4 -j DROP
Enter the above commands one after another, in that order, at the Linux terminal prompt (as root). Replace eth0 with the name of your network interface (it's usually eth0).
Here's a barebones test script you can use to prove the iptables rules are working:
#!/bin/bash
# Open 5 new connections to port 22 in quick succession. With the rules active,
# the 4th and 5th are dropped; -w 2 makes nc give up on those instead of hanging.
for i in $(seq 1 5) ; do
echo 'exit' | nc -w 2 localhost 22 ;
done
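Two things a practitioner will want around the rules and the test script above. First, the test connects to localhost, and packets to the machine's own addresses are delivered over the lo interface, so while the rules carry -i eth0 the script will not trip them; run it from a second host, or drop the -i option, to see the drops. Second, xt_recent keeps its per-source tracking in /proc/net/xt_recent/DEFAULT (the list name when no --name is given), which is the place to look when checking who is being throttled. The script below is an added example, not code from the original post: it prints the two rules for a chosen interface, port, window and hit count (dry run unless APPLY=1), and summarises a tracking table by number of retained hits. The function names are this example's own, and the sample table is constructed in the layout of /proc/net/xt_recent/<list> with documentation-range addresses and made-up timestamps.

```shell
#!/bin/sh
# Added example (not from the original post): parametrised version of the two
# xt_recent rules plus a small reader for the kernel's tracking table.
# Function names (ssh_ratelimit_rules, apply_ssh_ratelimit, recent_top_sources)
# are this example's own; the sample table below is constructed.

# Print the two iptables commands for IFACE PORT SECONDS HITCOUNT.
# Because -I inserts at the top of the chain, the DROP rule printed second
# ends up above the --set rule, the same order the original post produces.
ssh_ratelimit_rules() {
    iface=$1 port=$2 seconds=$3 hitcount=$4
    printf 'iptables -I INPUT -p tcp --dport %s -i %s -m state --state NEW -m recent --set\n' \
        "$port" "$iface"
    printf 'iptables -I INPUT -p tcp --dport %s -i %s -m state --state NEW -m recent --update --seconds %s --hitcount %s -j DROP\n' \
        "$port" "$iface" "$seconds" "$hitcount"
}

# Dry run by default; set APPLY=1 (and run as root) to really execute the commands.
apply_ssh_ratelimit() {
    ssh_ratelimit_rules "$@" | while IFS= read -r cmd; do
        if [ "${APPLY:-0}" = 1 ]; then
            eval "$cmd"
        else
            echo "[dry-run] $cmd"
        fi
    done
}

# Summarise an xt_recent table (normally /proc/net/xt_recent/DEFAULT) as
# "<hits> <source>", most-tracked source first. Each table line carries the
# source, its TTL, last_seen and the packet timestamps xt_recent retained; the
# count of retained timestamps is what --hitcount is compared against.
recent_top_sources() {
    awk '/^src=/ {
        src = $1; sub(/^src=/, "", src)
        stamps = $0; sub(/.*oldest_pkt: [0-9]+ */, "", stamps)
        n = (stamps == "") ? 0 : split(stamps, parts, /,[ ]*/)
        printf "%d %s\n", n, src
    }' "$1" | sort -rn
}

# Constructed sample in the layout of /proc/net/xt_recent/<list>; the
# addresses are documentation ranges and the timestamps are made up.
SAMPLE_RECENT=$(mktemp)
trap 'rm -f "$SAMPLE_RECENT"' EXIT
cat > "$SAMPLE_RECENT" <<'EOF'
src=203.0.113.7 ttl: 64 last_seen: 4295200000 oldest_pkt: 4 4295140000, 4295160000, 4295180000, 4295200000
src=198.51.100.12 ttl: 128 last_seen: 4295190000 oldest_pkt: 1 4295190000
src=192.0.2.55 ttl: 64 last_seen: 4295195000 oldest_pkt: 2 4295170000, 4295195000
EOF

echo "Rules for ${IFACE:-eth0} (dry run unless APPLY=1):"
apply_ssh_ratelimit "${IFACE:-eth0}" 22 60 4
echo "Tracked sources, most hits first:"
recent_top_sources "$SAMPLE_RECENT"
```

Run it as is to see the commands it would issue and the summary of the sample table; `IFACE=ens3 APPLY=1 sh ratelimit.sh` as root applies the rules for a different interface, and pointing recent_top_sources at the real /proc/net/xt_recent/DEFAULT shows which addresses are currently being counted against the limit.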
Of course, you should also take other, simpler security measures like using strong passwords and limiting access times.