[prev in list] [next in list] [prev in thread] [next in thread] 

List:       opensuse-factory
Subject:    Re: [opensuse-factory] sshd attacks blocked by default request
From:       "Rafael E. Herrera" <raffo () cdi ! com>
Date:       2006-07-23 3:55:18
Message-ID: 44C2F326.2020806 () cdi ! com
[Download RAW message or body]

Christian Boltz wrote:
> Hello,
> 
> Am Sonntag, 16. Juli 2006 12:24 schrieb houghi:
>> As most people know, sshd attacks are very common. Also there are
>> various tools out there that can be used to block these attacks.
> [...]
>> It should be something that does not run with cron, as it is to slow
>> to run only each minute.
> 
> The ipt_recent module can do this job without adding a new package:
> https://bugzilla.novell.com/show_bug.cgi?id=104602

Tried adding the suggested rules into
/etc/sysconfig/scripts/SuSEfirewall2-custom.

They don't seem to get loaded, the new rules don't show with 'iptables
--list'

They do load if you issue the commands manually after loading
SuSEfirewall2. The ipt_recent kernel module gets loaded.

Then I logged to a remote machine and attempted more than 4 connections
in rapid sequence and the rule didn't trigger.

Did I do something wrong?

Rafael

---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-factory-unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-factory-help@opensuse.org

[prev in list] [next in list] [prev in thread] [next in thread]