[Dovecot] No tcp wrappers, other ideas to help stop brute force attacks?
Marcus Rueckert
rueckert at informatik.uni-rostock.de
Thu Aug 31 06:34:38 EEST 2006
On 2006-08-30 19:57:00 -0400, John Peacock wrote:
> Cool! I need this for ssh dictionary attacks anyways, so I'll test it out now
> and the when the Dovecot changes are ready, I'll test it further...
[[[
iptables -A input_ext -p tcp --dport 22 -m recent --update --seconds 60 --hitcount 4 --rttl --name SSH -j LOG --log-prefix "SSH_brute_force attack "
iptables -A input_ext -p tcp --dport 22 -m recent --update --seconds 60 --hitcount 4 --rttl --name SSH -j DROP
iptables -A input_ext -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH -j ACCEPT
]]]
works perfectly for me.
and i dont need to rely on log files
darix
--
openSUSE - SUSE Linux is my linux
openSUSE is good for you
www.opensuse.org
More information about the dovecot
mailing list