Bruteforce SSH

From Frotmail Projects
Revision as of 09:18, 5 April 2022 by Eric

The script below limits the number of new SSH connections per host to 1 per 15 seconds. Each time it blocks a host, that host has to wait another 15 seconds.

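# Change the value of external_if to the name of your Internet-facing interface!
external_if=eth1

# Chain that handles new SSH connections from hosts that are over the limit
/sbin/iptables --new-chain sshthrottle

# Host was already logged within the last 15 seconds: drop without logging again
/sbin/iptables --append sshthrottle \
       --match recent --update --seconds 15 --name sshthrottlelog \
       --jump DROP

# Otherwise record the host in the sshthrottlelog list and write one log line
/sbin/iptables --append sshthrottle \
       --match recent --set --name sshthrottlelog \
       --jump LOG --log-prefix "ssh connection stifled "

# LOG does not end rule traversal, so the connection is dropped here
/sbin/iptables --append sshthrottle --jump DROP

# Host opened a new SSH connection within the last 15 seconds: --update refreshes
# its timestamp (restarting the 15 second wait) and the connection is throttled
/sbin/iptables --append INPUT --in-interface "$external_if" \
       --protocol tcp --destination-port 22 \
       --match state --state NEW \
       --match recent --update --seconds 15 --name sshthrottle \
       --jump sshthrottle

# First new connection in 15 seconds: record the host in the sshthrottle list and accept
/sbin/iptables --append INPUT --in-interface "$external_if" \
       --protocol tcp --destination-port 22 \
       --match state --state NEW \
       --match recent --set --name sshthrottle \
       --jump ACCEPT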
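
As an added example (not part of the original page), the shell function below summarises which source addresses the LOG rule recorded, by matching the script's "ssh connection stifled " prefix. The function names and the sample log lines are constructed for illustration; the lines assume the usual iptables LOG layout and use documentation addresses.

```sh
#!/bin/sh
# Added example: summarise the sources logged by the sshthrottle chain.
# Reads kernel log lines on stdin, prints "<count> <source-ip>", busiest first.
# The sshthrottlelog list suppresses repeat LOG entries for 15 seconds, so a
# count is the number of logged throttle events, not of connection attempts.
stifled_sources() {
    awk '
        /ssh connection stifled / {
            # Take the SRC= field; lines without one are skipped.
            for (i = 1; i <= NF; i++)
                if ($i ~ /^SRC=/) { seen[substr($i, 5)]++; break }
        }
        END { for (ip in seen) print seen[ip], ip }
    ' | sort -k1,1nr -k2,2
}

# Constructed sample input (hypothetical host "gw", documentation addresses).
sample_log() {
    cat <<'EOF'
Apr  5 09:20:01 gw kernel: ssh connection stifled IN=eth1 OUT= SRC=203.0.113.5 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=51234 DPT=22 SYN
Apr  5 09:20:09 gw sshd[811]: Connection closed by 198.51.100.7 port 40022
Apr  5 09:20:17 gw kernel: ssh connection stifled IN=eth1 OUT= SRC=203.0.113.5 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=51240 DPT=22 SYN
Apr  5 09:20:30 gw kernel: ssh connection stifled IN=eth1 OUT= SRC=198.51.100.7 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=40030 DPT=22 SYN
Apr  5 09:20:33 gw kernel: ssh connection stifled IN=eth1 OUT= SRC=203.0.113.5 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=51251 DPT=22 SYN
Apr  5 09:20:40 gw kernel: some other rule IN=eth1 OUT= SRC=192.0.2.99 DST=192.0.2.10 PROTO=TCP DPT=80
EOF
}

sample_log | stifled_sources
```

On a live system, feed the function the kernel log instead of the sample, for example the output of `dmesg` or the syslog file your distribution writes kernel messages to.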

[1]