十二月
31
2008

限制ssh連入頻率

一、建立自訂 Chain,限制 tcp 連線每分鐘一次,超過者觸發 Log 記錄
iptables -N ratelimit
iptables -A ratelimit -p tcp -m state –state ESTABLISHED,RELATED -j ACCEPT
iptables -A ratelimit -p tcp –syn -m limit –limit 1/m –limit-burst 1 -j ACCEPT
iptables -A ratelimit -p tcp -j LOG –log-level “NOTICE” –log-prefix “[RATELIMIT]”
iptables -A ratelimit -p tcp -j DROP


二、引用自訂 Chain,限制 ssh(tcp port 22)連入頻率
iptables -A INPUT -p tcp –dport 22 -s 192.168.0.0/16 -j ACCEPT(特定 IP 不受限制)
iptables -A INPUT -p tcp –dport 22 -j ratelimit


三、sshd_config 設定
LoginGraceTime 30 密碼輸入時限為 30 秒
MaxAuthTries 2 最多只能輸入 3 次密碼

Tags:

This entry was posted on 星期三, 十二月 31st, 2008 at 1:53 上午 and is filed under Linux. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

«
»

Leave a Reply