[Freedombox-discuss] Block brute force login attacks?
pere at hungry.com
Tue Mar 18 21:17:29 UTC 2014
> This can be done directly by iptables, (but not yet with iptables6 for
> ip6tables ).
> So I would suggest using a firewall utility instead, like ufw or
This sound interesting. How can iptables know that the login attempt
failed? My idea is to block too many failed connections, not "too
many" connections, as a script with ssh-agent backing might well
connect many times in a short while if the task is right.
> Yes, I think that is a bit too aggressive to block for more than a
> couple of hours. Half an hour to couple of hours after three failed
> access would be better, as you suggests. This can be set up in
> iptables. See ufw directive "limit".
Did not seem to care if the login failed or not, but I might have been
reading the wrong pages.
More information about the Freedombox-discuss