Skip to main content

How to setup iptables firewall effortlessly using ‘recent’ triggering and ipset

In this article are shown example instructions for a simple firewall disallowing new connections if the remote host initiates a connection too often. This is especially the case with SSH brute force attacks. Most administrators know the feeling of annoyance when they look at the system security logs and notice the enormous amounts of failed SSH logins.  What makes the described solution effortless is that there is no need to install and configure a separate log watcher daemon – just bring in some firewall rules. The setup might be most useful in the context of security-sensitive hosts where additional security measures would be justified, even more so if, for some reason, strong (e.g. key based) authentication can’t be used.

The article was originally published over on Upcloud: How to setup iptables firewall effortlessly using ‘recent’ triggering and ipset

Labels:

Comments

Post a Comment

Popular posts from this blog

LDWin: Link Discovery for Windows

LDWin supports the following methods of link discovery: CDP - Cisco Discovery Protocol LLDP - Link Layer Discovery Protocol Download LDWin from here.
Post a Comment
Read more

easywall - Web interface for easy use of the IPTables firewall on Linux systems written in Python3.

Firewalls are becoming increasingly important in today’s world. Hackers and automated scripts are constantly trying to invade your system and use it for Bitcoin mining, botnets or other things. To prevent these attacks, you can use a firewall on your system. IPTables is the strongest firewall in Linux because it can filter packets in the kernel before they reach the application. Using IPTables is not very easy for Linux beginners. We have created easywall - the simple IPTables web interface . The focus of the software is on easy installation and use. Access this neat software over on github: easywall
Post a Comment
Read more

STG (SNMP Traffic Grapher)

This freeware utility allows monitoring of supporting SNMPv1 and SNMPv2c devices including Cisco. Intended as fast aid for network administrators who need prompt access to current information about state of network equipment. Access STG here (original site) or alternatively here .
Post a Comment
Read more