Check for log file rotation
V13
v13 at v13.gr
Wed Sep 16 19:52:59 EEST 2009
On Wednesday 16 September 2009, Christos Ricudis wrote:
> By *far* the easiest way to get rid of the bruteforce SSH nonsense once
> and for all is *simply to change the listening port on the ssh daemon*.
> I have never seen them hit anywhere other than port 22, so I simply drop
> 22 and have sshd listen on 2200.
The very next option is iptables with hashlimit:
# $I is the iptables binary, e.g. I=/sbin/iptables
# accept up to 6 new connections per minute per source IP
$I -A INPUT -p tcp --dport 22 --syn -m hashlimit --hashlimit 6/minute --hashlimit-mode srcip --hashlimit-name ssh -j ACCEPT
# log the excess (at most 5 log lines per minute) and reset it
$I -A INPUT -p tcp --dport 22 --syn -m limit --limit 5/minute -j LOG --log-prefix "D-SSH-RATE"
$I -A INPUT -p tcp --dport 22 --syn -j REJECT --reject-with tcp-reset
# non-SYN packets of already accepted connections
$I -A INPUT -p tcp --dport 22 -j ACCEPT
or with whatever else you can think of:
T=INPUT
IF=your_network_interface
# reject new connections from a source seen 5 or more times in the last 300 s
$I -A $T -i $IF -p tcp --dport 22 --syn \
-m recent --name badssh --update --seconds 300 --hitcount 5 \
-j REJECT --reject-with tcp-reset
# a connection closed after the client sent at most 3000 bytes is a failed login: mark the source
$I -A $T -i $IF -p tcp --dport 22 --tcp-flags FIN FIN \
-m connbytes --connbytes-dir original --connbytes-mode bytes --connbytes 0:3000 \
-m recent --name badssh --set
$I -A $T -j RETURN
if you want it per IP and counting only the failures.
There are other ways too, and you can think of them yourself.
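To make the second rule set easier to reason about, here is an added simulation (not V13's code and not the kernel modules themselves) of what `recent --set` / `recent --update --seconds 300 --hitcount 5` combined with the `connbytes 0:3000` FIN match does to a source: every SSH connection the client closes after sending at most 3000 bytes counts as a hit, and once a source has 5 hits inside the 300 s window its new SYNs are rejected, while a long interactive session from another source leaves no mark. The traffic, the source addresses, and the per-source timestamp list are constructed here for the demonstration; the real xt_recent keeps a bounded number of stamps per entry, which this simplified model ignores.

```python
"""Simplified model of the 'badssh' recent/connbytes rule set (added example)."""
from collections import defaultdict, deque

SECONDS = 300       # --seconds 300
HITCOUNT = 5        # --hitcount 5
SHORT_BYTES = 3000  # --connbytes 0:3000 in the original (client -> server) direction

ATTACKER = "203.0.113.5"   # constructed sample address (documentation range)
LEGIT = "198.51.100.7"     # constructed sample address (documentation range)


class RecentTable:
    """Per-source list of hit timestamps, standing in for one xt_recent list."""

    def __init__(self, seconds, hitcount):
        self.seconds = seconds
        self.hitcount = hitcount
        self.hits = defaultdict(deque)

    def set(self, src, now):
        # --set: record one hit for the source
        self.hits[src].append(now)

    def update_matches(self, src, now):
        # --update --seconds N --hitcount M: match when the source has at least
        # M hits within the last N seconds; on a match the entry is refreshed
        # with the current time (that is what --update adds over --rcheck).
        stamps = self.hits.get(src)
        if not stamps:
            return False
        recent = [t for t in stamps if now - t <= self.seconds]
        if len(recent) >= self.hitcount:
            stamps.append(now)
            return True
        return False


def filter_packet(table, pkt, now):
    """Apply the three rules to one packet; returns 'REJECT' or 'ACCEPT'.

    pkt is a dict with 'src' and optional 'syn', 'fin', 'orig_bytes' keys.
    """
    # rule 1: SYN from a source with >= HITCOUNT recent hits -> tcp-reset
    if pkt.get("syn") and table.update_matches(pkt["src"], now):
        return "REJECT"
    # rule 2: FIN after a short client-side byte count -> mark the source
    if pkt.get("fin") and pkt.get("orig_bytes", 0) <= SHORT_BYTES:
        table.set(pkt["src"], now)
    # rule 3: RETURN, i.e. fall through to whatever follows in the chain
    return "ACCEPT"


def run_scenario():
    """Constructed traffic: 7 failed-login-sized attempts 10 s apart from one
    source, a single long session from another, and a retry after the window."""
    table = RecentTable(SECONDS, HITCOUNT)
    attacker = []
    for i in range(7):
        t = 10 * i
        verdict = filter_packet(table, {"src": ATTACKER, "syn": True}, t)
        attacker.append(verdict)
        if verdict == "ACCEPT":  # only an accepted connection can be closed
            filter_packet(table, {"src": ATTACKER, "fin": True, "orig_bytes": 900}, t + 2)

    legit = [filter_packet(table, {"src": LEGIT, "syn": True}, 5)]
    # a real session: 48000 bytes sent before the client closes -> no mark
    filter_packet(table, {"src": LEGIT, "fin": True, "orig_bytes": 48000}, 600)
    legit.append(filter_packet(table, {"src": LEGIT, "syn": True}, 700))

    # the attacker comes back 340 s after its last SYN: the window has expired
    after_window = filter_packet(table, {"src": ATTACKER, "syn": True}, 400)

    return {"attacker": attacker, "legit": legit, "attacker_after_window": after_window}


if __name__ == "__main__":
    for name, verdicts in run_scenario().items():
        print(f"{name}: {verdicts}")
```

Running it shows the attacker's sixth and seventh SYNs rejected (five short connections marked the source within 300 s), the legitimate user never affected, and the attacker accepted again once 300 s have passed without a hit, which is the point of the `--seconds 300` window: it is a cooldown, not a permanent block.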
<<V13>>
More information about the Linux-greek-users
mailing list