Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- brute_force(){
- echo -n "Preventing Brute Force Attacks..."
- ## Create New Chain
- iptables -N BRUTE_FORCE
- ## FTP/Telnet/SSH
- iptables -A INPUT -i $LAN_IF -p tcp -m conntrack --ctstate NEW -m multiport --dports 21,22,23 -j BRUTE_FORCE
- iptables -A BRUTE_FORCE -m recent --hitcount 2 --rcheck --seconds 15 --name brute_force -m limit --limit 10/min -j ULOG --ulog-prefix "[BRUTE_FORCE DROP]: "
- iptables -A BRUTE_FORCE -m recent --hitcount 2 --update --seconds 15 --name brute_force -j DROP
- iptables -A BRUTE_FORCE -m recent --set --name brute_force -j RETURN
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
