Odd ssh attacks?
Derek Broughton
news at pointerstop.ca
Fri Jul 20 18:31:56 UTC 2007
David Ford wrote:
> And that's why ipt_recent via iptables is even better. It's all done on
> the kernel side without any context switching or memory use. Packets
> get stopped much sooner, much faster and with far fewer resources used.
>
> Fully automatic with heuristics and even managable in userland with echo
> x.x.x.x > y and echo -x.x.x.x > y
>
> I use this to match ssh probes and I use it for blocking spam senders.
> More than N hits per 60 seconds for ssh and you get firewalled for an
> hour. Send me an email that scores higher than 10 with spamassassin and
> you get TARPIT'd for 7 days on port 25.
>
Sounds great - I need to check it out. Actually, I really need to learn to
use iptables ...
--
derek
More information about the ubuntu-users
mailing list