 | | | SSH Dictionary Attacks (does not work with EL3) | SSH Dictionary Attacks (does not work with EL3) 2006-01-12 - By bob
Back
i just changed the port from default 22 to 22x worked out great ! anything
default should be changed. IMO
-bob
my .02
-- -- Original Message -- --
From: "Rainer Traut" <tr.ml@(protected)>
To: "Red Hat Enterprise Linux 4 (Nahant) Discussion List"
<nahant-list@(protected)>
Cc: <taroon-list@(protected)>
Sent: Thursday, January 12, 2006 4:09 AM
Subject: Re: SSH Dictionary Attacks (does not work with EL3)
> Hi,
>
> Thomas Cameron schrieb:
>> I know there are probably a million better ways to do this, but I just
>> ran the following two commands on all my Internet facing machines:
>>
>> iptables -I INPUT -p tcp --dport 22 -m state --state NEW \ -m
>> recent --update --seconds 60 --hitcount 4 -j DROP
>>
>> iptables -I INPUT -p tcp --dport 22 -m state --state NEW \ -m
>> recent --set
>>
>> I got them from http://www.debian-administration.org/articles/187 and
>> they seem to work quite nicely.
>
> Thx, for this.
> But I have couple of EL3 servers where I wanted to do this.
> But EL3 does not seem to work:
>
> iptables v1.2.8: Couldn't load match
> `recent':/lib/iptables/libipt_recent.so: cannot open shared object file:
> No such file or directory
>
> find /lib/ -iname "*recent*"
> shows:
> /lib/modules/2.4.21-37.ELsmp/kernel/net/ipv4/netfilter/ipt_recent.o
>
> I can modprobe the module, but that's all.
> Is there a workaround for this?
>
> Thx
> Rainer
>
> --
> Taroon-list mailing list
> Taroon-list@(protected)
> https://www.redhat.com/mailman/listinfo/taroon-list
--
Taroon-list mailing list
Taroon-list@(protected)
https://www.redhat.com/mailman/listinfo/taroon-list
|
|
|