From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: To: ALT Linux sysadmin discuss Organization: Tyumen's University, Institute of Distance Education References: <20071010093734.42b1874d@batyrshin.ieml.ru> <20071017170500.39b79559@batyrshin.ieml.ru> From: "Vladimir V. Kamarzin" Date: Thu, 18 Oct 2007 11:22:49 +0600 In-Reply-To: <20071017170500.39b79559@batyrshin.ieml.ru> (Timur Batyrshin's message of "Wed, 17 Oct 2007 17:05:00 +0400") Message-ID: User-Agent: Gnus/5.1007 (Gnus v5.10.7) XEmacs/21.5-b28 (linux) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-5 Content-Transfer-Encoding: quoted-printable X-Virus-Scanned: Scanned by clamav Subject: Re: [Sysadmins] IDS lists X-BeenThere: sysadmins@lists.altlinux.org X-Mailman-Version: 2.1.9 Precedence: list Reply-To: ALT Linux sysadmin discuss List-Id: ALT Linux sysadmin discuss List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Oct 2007 05:22:50 -0000 Archived-At: List-Archive: >>>>> On 17 Oct 2007 at 19:05 "TB" =3D=3D Timur Batyrshin writes: >> =BF=E0=D8=DC=D5=E0 =D1=DB=DE=DA=D8=E0=DE=D2=DA=D8 ssh =DE=E2 asy@: >>=20 >> # cat /etc/net/ifaces/top/fw/iptables/filter/INPUT >> [...] >> # ssh restriction >> -p TCP --syn --dport 22 -s xxx.xxx.xxx.0/28 -j ACCEPT >> -p TCP --syn --dport 22 -m recent --name ssh_rate_limit --set >> -p TCP --syn --dport 22 -m recent --name ssh_rate_limit --update >> --seconds 60 --hitcount 4 -j LOG >> -p TCP --syn --dport 22 -m recent --name ssh_rate_limit --update >> --seconds 60 --hitcount 4 -j DROP TB> =B0 =D2 =DF=DE=E1=DB=D5=D4=DD=D5=DC =E1=DB=E3=E7=D0=D5 =DD=D5 =DB=E3= =E7=E8=D5 =D1=E3=D4=D5=E2 --rcheck =D2=DC=D5=E1=E2=DE --update ? TB> =B8=DD=D0=E7=D5 =DA=D0=D6=D4=EB=D9 syn =D1=E3=D4=D5=E2 =E1=E7=D8=E2=D0= =E2=EC=E1=EF =D4=D2=D0=D6=D4=EB. =BA=D0=DA =D2=EB =ED=E2=DE =DE=DF=E0=D5=D4=D5=DB=D8=DB=D8? --=20 vvk Russian Postfix irc: irc.freenode.net #postfix-ru