From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.2.4 (2008-01-01) on sa.int.altlinux.org X-Spam-Level: X-Spam-Status: No, score=-1.3 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.2.4 Date: Mon, 7 Jul 2008 14:48:01 +0400 From: Timur Batyrshin To: sysadmins@lists.altlinux.org Message-ID: <20080707144801.20a979eb@batyrshin.ieml.ru> In-Reply-To: <200807070939.12816.a_s_y@sama.ru> References: <20080703230108.GA32472@granary.armor.altlinux.org> <200807061823.14748.a_s_y@sama.ru> <20080706210012.GU31923@osdn.org.ua> <200807070939.12816.a_s_y@sama.ru> Organization: IEML X-Mailer: Claws Mail 2.10.0cvs158 (GTK+ 2.10.14; i586-alt-linux-gnu) Mime-Version: 1.0 Content-Type: multipart/signed; boundary="Sig_IvjRUiKBroCKEb2X//LGrbP"; protocol="application/pgp-signature"; micalg=PGP-SHA1 X-SpamTest-Version: SMTP-Filter Version 3.0.0 [0255], KAS30/Release X-SpamTest-Info: Not protected X-Anti-Virus: Kaspersky Anti-Virus for MailServers 5.5.10/RELEASE, bases: 07072008 #821099, status: clean Subject: Re: [Sysadmins] I: sshutout X-BeenThere: sysadmins@lists.altlinux.org X-Mailman-Version: 2.1.10b3 Precedence: list Reply-To: ALT Linux sysadmin discuss List-Id: ALT Linux sysadmin discuss List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Jul 2008 10:48:05 -0000 Archived-At: List-Archive: --Sig_IvjRUiKBroCKEb2X//LGrbP Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On Mon, 7 Jul 2008 09:39:12 +0500 Sergey wrote: > > > =D0=BC=D0=B5=D0=BD=D1=8F =D0=B2=D0=BF=D0=BE=D0=BB=D0=BD=D0=B5 =D1=81= =D0=BF=D0=B0=D1=81=D0=B0=D0=B5=D1=82 iptables. =D0=92=D1=80=D0=BE=D0=B4=D0= =B5 =D0=B1=D1=8B =D0=BD=D0=B8=D0=BA=D1=82=D0=BE =D0=BD=D0=B5 =D0=B2=D0=BE= =D0=B7=D0=B2=D1=80=D0=B0=D1=89=D0=B0=D0=B5=D1=82=D1=81=D1=8F, > > > =D0=BD=D0=B0=D1=82=D0=BA=D0=BD=D1=83=D0=B2=D1=88=D0=B8=D1=81=D1=8C = =D0=BD=D0=B0 =D0=BC=D0=B8=D0=BD=D1=83=D1=82=D0=BD=D1=83=D1=8E =D0=B1=D0=BB= =D0=BE=D0=BA=D0=B8=D1=80=D0=BE=D0=B2=D0=BA=D1=83 =D0=BF=D0=BE recent. =D0= =AF =D1=83=D0=B6=D0=B5 =D0=BF=D0=B8=D1=81=D0=B0=D0=BB > > > =D0=B2=D1=80=D0=BE=D0=B4=D0=B5... =D0=98 =D0=B2 =D0=BD=D0=B0=D1=81=D1= =82=D1=80=D0=BE=D0=B9=D0=BA=D0=B8 =D0=BF=D0=BE-=D1=83=D0=BC=D0=BE=D0=BB=D1= =87=D0=B0=D0=BD=D0=B8=D1=8E =D0=BF=D1=80=D0=B5=D0=B4=D0=BB=D0=B0=D0=B3=D0= =B0=D0=BB =D0=B4=D0=BE=D0=B1=D0=B0=D0=B2=D0=B8=D1=82=D1=8C... > >=20 > > =D0=AD... =D0=B0 =D0=BC=D0=BE=D0=B6=D0=B5=D1=88=D1=8C =D1=84=D0=BE=D1= =80=D0=B2=D0=B0=D1=80=D0=B4=D0=BD=D1=83=D1=82=D1=8C? >=20 > =D0=9F=D1=80=D0=B8=D0=BC=D0=B5=D1=80=D0=BD=D0=BE =D0=B2=D0=BE=D1=82 =D1= =82=D0=B0=D0=BA: >=20 > -A INPUT -p tcp -m tcp --dport 22 --tcp-flags FIN,SYN,RST,ACK SYN -m > recent --set --name ssh_rate_limit --rsource -A INPUT -p tcp -m tcp > --dport 22 --tcp-flags FIN,SYN,RST,ACK SYN -m recent --update > --seconds 60 --hitcount 4 --name ssh_rate_limit --rsource -j LOG -A > INPUT -p tcp -m tcp --dport 22 --tcp-flags FIN,SYN,RST,ACK SYN -m > recent --update --seconds 60 --hitcount 4 --name ssh_rate_limit > --rsource -j DROP >=20 =D0=97=D0=B4=D0=B5=D1=81=D1=8C =D0=B1=D1=8B, =D0=BA=D1=81=D1=82=D0=B0=D1=82= =D0=B8, =D0=B5=D1=89=D0=B5 =D0=BF=D1=80=D0=B8=D0=BD=D1=83=D0=B4=D0=B8=D1=82= =D0=B5=D0=BB=D1=8C=D0=BD=D0=BE =D0=B8=D0=BD=D1=82=D0=B5=D1=80=D1=84=D0=B5= =D0=B9=D1=81 =D1=83=D0=BA=D0=B0=D0=B7=D1=8B=D0=B2=D0=B0=D1=82=D1=8C, =D1=82= .=D0=BA. =D0=BD=D0=B0 veth =D0=B5=D1=81=D1=82=D1=8C =D0=B2=D0=BF=D0=BE=D0=BB=D0=BD=D0=B5 =D1=80=D0=B5= =D0=B0=D0=BB=D1=8C=D0=BD=D0=B0=D1=8F =D0=B2=D0=BE=D0=B7=D0=BC=D0=BE=D0=B6= =D0=BD=D0=BE=D1=81=D1=82=D1=8C =D0=BD=D0=B5 =D0=BF=D0=BE=D0=BF=D0=B0=D1=81= =D1=82=D1=8C =D0=BD=D0=B0 ssh =D0=B2=D0=BE=D0=BE=D0=B1=D1=89=D0=B5, =D0=BA= =D0=BE=D0=B3=D0=B4=D0=B0 =D1=81=D1=82=D0=B0=D1=82=D0=B8=D1=81=D1=82=D0=B8=D0=BA=D0=B0 =D0=BE=D0=B1 = =D0=BE=D0=B4=D0=BD=D0=BE=D0=BC =D0=B8 =D1=82=D0=BE=D1=82 =D0=B6=D0=B5 =D0= =BF=D0=B0=D0=BA=D0=B5=D1=82 =D0=B1=D1=83=D0=B4=D0=B5=D1=82 =D1=81=D0=BA=D0= =BB=D0=B0=D0=B4=D1=8B=D0=B2=D0=B0=D1=82=D1=8C=D1=81=D1=8F =D0=B2 =D0=BE=D1= =87=D0=B5=D1=80=D0=B5=D0=B4=D1=8C =D0=BD=D0=B5=D1=81=D0=BA=D0=BE=D0=BB=D1=8C=D0=BA=D0=BE =D1=80=D0=B0=D0=B7 -= - =D0=BF=D0=BE =D1=80=D0=B0=D0=B7=D1=83 =D0=BD=D0=B0 =D0=BA=D0=B0=D0=B6=D0= =B4=D1=8B=D0=B9 =D0=B8=D0=B7 =D0=B2=D0=B8=D1=80=D1=82=D1=83=D0=B0=D0=BB=D1= =8C=D0=BD=D1=8B=D1=85 =D0=B8=D0=BD=D1=82=D0=B5=D1=80=D1=84=D0=B5=D0=B9=D1= =81=D0=BE=D0=B2. --Sig_IvjRUiKBroCKEb2X//LGrbP Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.8 (GNU/Linux) iEYEARECAAYFAkhx9GIACgkQSdBU6yPTZRLi9wCeMrFKjxAfXhW2yx74w//Czmkg br0An0cJ69wCWXv0VpXc4EFvh194lI89 =QYIa -----END PGP SIGNATURE----- --Sig_IvjRUiKBroCKEb2X//LGrbP--