[Freedombox-discuss] Block brute force login attacks?
Petter Reinholdtsen
pere at hungry.com
Tue Mar 18 21:17:29 UTC 2014
[Anders Jackson]
> This can be done directly by iptables, (but not yet with iptables6 for
> ip6tables ).
>
> So I would suggest using a firewall utility instead, like ufw or
> shorewall.
This sound interesting. How can iptables know that the login attempt
failed? My idea is to block too many failed connections, not "too
many" connections, as a script with ssh-agent backing might well
connect many times in a short while if the task is right.
> Yes, I think that is a bit too aggressive to block for more than a
> couple of hours. Half an hour to couple of hours after three failed
> access would be better, as you suggests. This can be set up in
> iptables. See ufw directive "limit".
Did not seem to care if the login failed or not, but I might have been
reading the wrong pages.
--
Happy hacking
Petter Reinholdtsen
More information about the Freedombox-discuss
mailing list