[K12OSN] How do I stop attempted logins
Dr. Daniel Loomis
drloomis at cox-internet.com
Thu Mar 24 01:55:11 UTC 2005
Terrel,
Thanks for the help with the Asian subnets and my limited knowledge of
subnetting. As you suggested, I added the following to my iptables
firewall in /etc/sysconfig and restarted iptables:
-A INPUT -s 58.0.0.0/7 -p tcp --dport 22 -j DROP
-A INPUT -s 60.0.0.0/7 -p tcp --dport 22 -j DROP
-A INPUT -s 124.0.0.0/7 -p tcp --dport 22 -j DROP
-A INPUT -s 126.0.0.0/8 -p tcp --dport 22 -j DROP
-A INPUT -s 169.208.0.0/12 -p tcp --dport 22 -j DROP
-A INPUT -s 196.192.0.0/13 -p tcp --dport 22 -j DROP
-A INPUT -s 202.0.0.0/7 -p tcp --dport 22 -j DROP
-A INPUT -s 210.0.0.0/7 -p tcp --dport 22 -j DROP
-A INPUT -s 218.0.0.0/7 -p tcp --dport 22 -j DROP
-A INPUT -s 220.0.0.0/7 -p tcp --dport 22 -j DROP
-A INPUT -s 222.0.0.0/8 -p tcp --dport 22 -j DROP
. . .
plus a few other common subnets that have been trying to hack in.
Just curious. If I really wanted to close things off to all but one
particular home IP address on port 22, would the rule look something
like the following?
-A INPUT -s !xx.xx.xx.xx/32 -p tcp --dport 22 -j DROP
Thanks again.
Daniel
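
Added example, not part of the original message: a small Python check of what range each quoted prefix covers, which source addresses the quoted rules drop on port 22, and how the negated-source rule in the question evaluates. The function names, the placeholder address 198.51.100.10 and the default ACCEPT policy are assumptions made for illustration.

```python
import ipaddress

# Rules copied from the post (the ". . ." elision is not filled in).
BLOCKLIST = """\
-A INPUT -s 58.0.0.0/7 -p tcp --dport 22 -j DROP
-A INPUT -s 60.0.0.0/7 -p tcp --dport 22 -j DROP
-A INPUT -s 124.0.0.0/7 -p tcp --dport 22 -j DROP
-A INPUT -s 126.0.0.0/8 -p tcp --dport 22 -j DROP
-A INPUT -s 169.208.0.0/12 -p tcp --dport 22 -j DROP
-A INPUT -s 196.192.0.0/13 -p tcp --dport 22 -j DROP
-A INPUT -s 202.0.0.0/7 -p tcp --dport 22 -j DROP
-A INPUT -s 210.0.0.0/7 -p tcp --dport 22 -j DROP
-A INPUT -s 218.0.0.0/7 -p tcp --dport 22 -j DROP
-A INPUT -s 220.0.0.0/7 -p tcp --dport 22 -j DROP
-A INPUT -s 222.0.0.0/8 -p tcp --dport 22 -j DROP
""".splitlines()

# Constructed placeholder: 198.51.100.10 (documentation range) stands in for xx.xx.xx.xx.
ALLOW_ONLY = ["-A INPUT -s !198.51.100.10/32 -p tcp --dport 22 -j DROP"]

def parse_rule(line):
    """Return (network, negated, target); ValueError if the prefix has host bits set."""
    tok = line.split()
    i = tok.index("-s")
    negated = i > 0 and tok[i - 1] == "!"      # "! -s addr" spelling
    src = tok[i + 1]
    if src == "!":                              # "-s ! addr" spelling
        negated, src = True, tok[i + 2]
    elif src.startswith("!"):                   # "-s !addr" spelling used in the post
        negated, src = True, src[1:]
    return ipaddress.ip_network(src, strict=True), negated, tok[tok.index("-j") + 1]

def span(cidr):
    """First and last address covered by a prefix, as strings."""
    net = ipaddress.ip_network(cidr, strict=True)
    return str(net[0]), str(net[-1])

def verdict(rules, src_ip, default="ACCEPT"):
    """First matching rule wins, for a TCP packet to port 22 from src_ip."""
    ip = ipaddress.ip_address(src_ip)
    for net, negated, target in map(parse_rule, rules):
        if (ip in net) != negated:
            return target
    return default  # assumed chain policy, not stated in the post

if __name__ == "__main__":
    for line in BLOCKLIST:
        print(line.split()[3], "->", " - ".join(span(line.split()[3])))
    print(verdict(ALLOW_ONLY, "198.51.100.10"), verdict(ALLOW_ONLY, "198.51.100.11"))
```

The model only looks at the source address; it assumes every packet is TCP to port 22 and that no earlier rule in the chain has already matched.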