[rhn-users] Iptables problem

Alberto Ferrante Ferrante at alari.ch
Wed Mar 1 17:27:05 UTC 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

No, all the ports are closed but only for the IP address which is
triggering the rule... And this is what happens for the 1st 20-30 days
after a reboot. After that, all the ports become closed for all the IP
addresses...
Anyway, in the last few days I discovered DenyHosts, a daemon which does the
same thing as my iptables rules by modifying the hosts.deny file
dynamically. This daemon seems to work well and it is exactly what I
required to stop SSH brute force attacks. Therefore, I am not using
those iptables rules anymore.

Regards,
	Alberto

ludwig wrote:
> Weird stuff!
> Could someone be scanning port 22 and triggering the rule?
> Is that even possible?


- --
Personal Home Page: http://www.alari.ch/~alberto
Public key: http://www.alari.ch/~alberto/key-alari-dti.txt
Advanced Learning and Research Institute [http://www.ALaRI.ch]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.1 (GNU/Linux)
-----END PGP SIGNATURE-----



