[plug] firewalling ssh
Tim Bowden
tim.bowden at westnet.com.au
Mon Jan 8 15:31:45 WST 2007
Hi all,
I'm trying to protect a debian box from ssh attacks. I need to be able
to ssh in from anywhere so I need to keep port 22 open. What I would
like to do though is drop connection requests from any address that
attempts to connect more than three or four times in less than a minute.
Any ideas on how to do it? What I'd like to do is an iptables rule that
does rate limiting syn packets per each source address but I don't
believe that's possible (at least out of the box).
Regards,
Tim Bowden
More information about the plug
mailing list