From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ldv@altlinux.org>
Date: Mon, 7 Jul 2008 21:33:53 +0400
From: "Dmitry V. Levin" <ldv@altlinux.org>
To: sysadmins@lists.altlinux.org
Message-ID: <20080707173353.GL11564@wo.int.altlinux.org>
Mail-Followup-To: sysadmins@lists.altlinux.org
References: <20080703230108.GA32472@granary.armor.altlinux.org>
	<200807061823.14748.a_s_y@sama.ru>
	<20080706210012.GU31923@osdn.org.ua>
	<200807070939.12816.a_s_y@sama.ru>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="1hKfHPzOXWu1rh0v"
Content-Disposition: inline
In-Reply-To: <200807070939.12816.a_s_y@sama.ru>
X-fingerprint: FE4C 93AB E19A 2E4C CB5D  3E4E 7CAB E6AC 9E35 361E
Subject: Re: [Sysadmins] I: sshutout
X-BeenThere: sysadmins@lists.altlinux.org
X-Mailman-Version: 2.1.10b3
Precedence: list
Reply-To: ALT Linux sysadmin discuss <sysadmins@lists.altlinux.org>
List-Id: ALT Linux sysadmin discuss <sysadmins.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/listinfo/sysadmins>,
	<mailto:sysadmins-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/sysadmins>
List-Post: <mailto:sysadmins@lists.altlinux.org>
List-Help: <mailto:sysadmins-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/sysadmins>,
	<mailto:sysadmins-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Jul 2008 17:33:53 -0000
Archived-At: <http://lore.altlinux.org/sysadmins/20080707173353.GL11564@wo.int.altlinux.org/>
List-Archive: <http://lore.altlinux.org/sysadmins/>


--1hKfHPzOXWu1rh0v
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Jul 07, 2008 at 09:39:12AM +0500, Sergey wrote:
> On Monday 07 July 2008, Michael Shigorin wrote:
>=20
> > > =CD=C5=CE=D1 =D7=D0=CF=CC=CE=C5 =D3=D0=C1=D3=C1=C5=D4 iptables. =F7=
=D2=CF=C4=C5 =C2=D9 =CE=C9=CB=D4=CF =CE=C5 =D7=CF=DA=D7=D2=C1=DD=C1=C5=D4=
=D3=D1,
> > > =CE=C1=D4=CB=CE=D5=D7=DB=C9=D3=D8 =CE=C1 =CD=C9=CE=D5=D4=CE=D5=C0 =C2=
=CC=CF=CB=C9=D2=CF=D7=CB=D5 =D0=CF recent. =F1 =D5=D6=C5 =D0=C9=D3=C1=CC
> > > =D7=D2=CF=C4=C5... =E9 =D7 =CE=C1=D3=D4=D2=CF=CA=CB=C9 =D0=CF-=D5=CD=
=CF=CC=DE=C1=CE=C9=C0 =D0=D2=C5=C4=CC=C1=C7=C1=CC =C4=CF=C2=C1=D7=C9=D4=D8.=
..
> >=20
> > =FC... =C1 =CD=CF=D6=C5=DB=D8 =C6=CF=D2=D7=C1=D2=C4=CE=D5=D4=D8?
>=20
> =F0=D2=C9=CD=C5=D2=CE=CF =D7=CF=D4 =D4=C1=CB:
>=20
> -A INPUT -p tcp -m tcp --dport 22 --tcp-flags FIN,SYN,RST,ACK SYN -m rece=
nt --set --name ssh_rate_limit --rsource
> -A INPUT -p tcp -m tcp --dport 22 --tcp-flags FIN,SYN,RST,ACK SYN -m rece=
nt --update --seconds 60 --hitcount 4 --name ssh_rate_limit --rsource -j LOG
> -A INPUT -p tcp -m tcp --dport 22 --tcp-flags FIN,SYN,RST,ACK SYN -m rece=
nt --update --seconds 60 --hitcount 4 --name ssh_rate_limit --rsource -j DR=
OP

=F2=C5=CB=CF=CD=C5=CE=C4=D5=C0 =DA=C1=D7=C5=D3=D4=C9 =D3=C5=C2=C5 -j LOGDRO=
P, =C9=DA=C2=D9=D4=CF=DE=CE=CF=D3=D4=D8 =D0=D2=C1=D7=C9=CC =D5=CD=C5=CE=D8=
=DB=C9=D4=D3=D1
=D0=CF=DE=D4=C9 =D7 2 =D2=C1=DA=C1.


--=20
ldv

--1hKfHPzOXWu1rh0v
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkhyU4EACgkQfKvmrJ41Nh5DwwCeKWaq6TscpTwcValL0ox+VALC
vWkAoLVW+4A92k7/dO6qPydbAWMxmqt8
=YEB4
-----END PGP SIGNATURE-----

--1hKfHPzOXWu1rh0v--