Posts Tagged throttle

Throttle SSH Connections

Posted by on Friday, 22 May, 2009

I run this on my VPS to throttle SSH connections from dictionary attacks (OR disable keyboard-based auth and allow only shared keys. No key, no access!).

Configure your services properly rather than relying on a firewall to secure you against lazy configurations. This is all I use IPTables for.


Throttle ssh connections

Posted by on Tuesday, 7 April, 2009

Limit the number of connections a host can make to sshd (3 in 60 seconds); if the limit is exceeded, new connections are dropped (for 60 seconds). This seems to stop those pesky dictionary attacks.

My iptables script is /etc/networks/iptables and is run from /etc/networks/interfaces under the eth0 section like so:

pre-up /etc/networks/iptables

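iptables script snippet:

# Create SSH chain
/sbin/iptables -N SSH
# Drop NEW connections from a source already seen 3 times in the last 60 seconds
/sbin/iptables -A SSH -m state --state NEW -m recent --update \
    --seconds 60 --hitcount 3 -j DROP
# Record the source address of every other NEW connection, then accept it
/sbin/iptables -A SSH -p tcp -m state --state NEW -m recent --set
/sbin/iptables -A SSH -p tcp -j ACCEPT

# Jump ssh traffic to SSH chain
/sbin/iptables -A INPUT -p tcp --dport 22 -j SSH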
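
To see which connection attempts the rule pair above lets through, here is a simplified model of the `recent` match logic run over constructed timestamps. It is an added example, not part of the original post; the addresses are documentation-range placeholders and the 20-entry history limit is assumed to be the module default.

```python
from collections import defaultdict

SECONDS = 60     # --seconds 60
HITCOUNT = 3     # --hitcount 3
MAX_STAMPS = 20  # assumed module default (ip_pkt_list_tot) for stored timestamps

def simulate(packets):
    """packets: (time_in_seconds, source_ip) for each NEW connection to port 22.
    Returns a list of (time, source_ip, verdict) in arrival order."""
    stamps = defaultdict(list)  # per-address timestamp history kept by the module
    verdicts = []
    for now, src in sorted(packets):
        seen = stamps[src]
        hits = sum(1 for t in seen if now - t <= SECONDS)
        if hits >= HITCOUNT:
            # Rule 1 (--update ... -j DROP) matched: the attempt is dropped and
            # still recorded, so a client that keeps hammering stays blocked.
            verdict = "DROP"
        else:
            # Rule 2 (--set) records the address; rule 3 accepts the connection.
            verdict = "ACCEPT"
        seen.append(now)
        del seen[:-MAX_STAMPS]
        verdicts.append((now, src, verdict))
    return verdicts

def count(verdicts, src, verdict):
    return sum(1 for _, s, v in verdicts if s == src and v == verdict)

# Constructed sample: one client guessing passwords every 5 seconds, then
# returning after a pause, and one administrator logging in twice.
ATTACKER, ADMIN = "203.0.113.7", "198.51.100.20"
SAMPLE = [(t, ATTACKER) for t in range(0, 50, 5)] + [(120, ATTACKER)]
SAMPLE += [(0, ADMIN), (30, ADMIN)]

if __name__ == "__main__":
    for now, src, verdict in simulate(SAMPLE):
        print(f"t={now:>3}s  {src:<15} {verdict}")
```

The first three attempts from a source are accepted, further attempts inside the window are dropped, and the source is accepted again once fewer than three recorded attempts fall within the last 60 seconds.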

Last-Modified: 2007-03-07 19:38:50