
Re: Any danger from these ports?



On Mon, Jan 10, 2005 at 10:45:02AM -0500, Jeff Spaleta wrote:
> On Sat, 8 Jan 2005 21:49:21 -0500 (EST), Tom Diehl <tdiehl rogueind com> wrote:
> > Another thing you might want to look into is the ipt_recent module for iptables.
> > I just crafted a couple of rules for fwbuilder that allow iptables to watch
> > for multiple connection attempts from the same address within a minute.
> > I have it set so that if the same IP address tries to connect more than 2
> > times in a minute, subsequent connection attempts from that IP address
> > are simply dropped by iptables. After 60 seconds connections from the offending
> > IP are restored, at least until they exceed the threshold again. That at least
> > limits how many attempts the bad guys can make. If it is just someone that
> > screwed up their username or passwd it does not lock them out permanently.
> 
> Any chance you can share the example iptables rules that make this
> happen to the list?
> 
> Is the use of ipt_recent in a similar way something worth considering
> as an inclusion to Fedora default firewall rules?

Not a default for servers, surely? 

-- 
Consciousness: that annoying time between naps.
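
The rules requested above are not posted in this message. As an added example (not from any poster in this thread), the following sketch prints a pair of ipt_recent rules matching the behaviour Tom Diehl describes; the INPUT chain, the list name "ratelimit", and port 22 are assumptions.

```shell
#!/bin/sh
# Added example: print iptables rules that rate-limit new TCP connections per
# source address with the "recent" match (ipt_recent).
# Assumptions, not from the thread: INPUT chain, list name "ratelimit",
# and the port/window/limit passed as arguments.

# recent_rules PORT SECONDS MAX_ATTEMPTS [LIST_NAME]
# Prints two rules; review them, then pipe to `sh` as root to apply.
# They must sit ahead of the rule that ACCEPTs the port.
recent_rules() {
    port=$1; seconds=$2; max=$3; list=${4:-ratelimit}
    for n in "$port" "$seconds" "$max"; do
        case $n in
            ''|*[!0-9]*) echo "recent_rules: numeric PORT SECONDS MAX required" >&2
                         return 2 ;;
        esac
    done
    # The --set rule records the current packet before --update counts, so
    # allowing MAX attempts means dropping from hit MAX+1 onward.
    hitcount=$((max + 1))
    match="-p tcp --dport $port -m state --state NEW -m recent --name $list"
    # Rule 1: remember the source address and timestamp of each new connection.
    echo "iptables -A INPUT $match --set"
    # Rule 2: drop once the address has $hitcount entries inside the window.
    # --update refreshes the timestamp on a match, so a source that keeps
    # retrying stays blocked; --rcheck would check without refreshing.
    echo "iptables -A INPUT $match --update --seconds $seconds --hitcount $hitcount -j DROP"
}

# Tom's description: more than 2 attempts in 60 seconds are dropped
# (port 22 is an assumed target).
recent_rules 22 60 2
```

The current contents of the list can be inspected in /proc/net/ipt_recent/ratelimit while the rules are loaded.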

