annoying brute force attack attempt using ssh
Tim
ignored_mailbox at yahoo.com.au
Thu May 15 11:37:37 UTC 2008
Bill Crawford:
>> You appended the rule, AFTER the ones which allow ssh through?
Scott van Looy:
> That should work though IIRC...I'm stopping a specific IP from
> connecting
If you've already accepted it, you've already accepted it. As far as I
recall, the first rule to match wins with this sort of thing (and this
should be easy enough to test with a couple of experiments). Put your
drops in before your accepts, what's dropped is dropped, and no further
rules get to play with it.
--
[tim at bigblack ~]$ uname -ipr
2.6.23.15-80.fc7 i686 i386
Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.
More information about the fedora-list
mailing list