- brute_force(){
- echo -n "Preventing Brute Force Attacks..."
- ## Create New Chain
- iptables -N BRUTE_FORCE
- ## FTP/Telnet/SSH
- iptables -A INPUT -i $LAN_IF -p tcp -m conntrack --ctstate NEW -m multiport --dports 21,22,23 -j BRUTE_FORCE
- iptables -A BRUTE_FORCE -m recent --hitcount 2 --rcheck --seconds 15 --name brute_force -m limit --limit 10/min -j ULOG --ulog-prefix "[BRUTE_FORCE DROP]: "
- iptables -A BRUTE_FORCE -m recent --hitcount 2 --update --seconds 15 --name brute_force -j DROP
- iptables -A BRUTE_FORCE -m recent --set --name brute_force -j RETURN
- }
SHARE
TWEET
Untitled
a guest
Jan 21st, 2015
202
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
RAW Paste Data