Tux Training

Stop ssh brute force attack using SuSEfirewall

June 23, 2009, 10:21 am

Edit /etc/sysconfig/SuSEfirewall2:

#do not open ssh ports here FW_SERVICES_EXT_TCP="" FW_CONFIGURATIONS_EXT=""

#add this rule FW_SERVICES_ACCEPT_EXT="0.0.0.0/0,tcp,22,,hitcount=3,blockseconds=60,recentname=ssh"

#Restart firewall: rcSuSEfirewall2 restart

Now attacker will just have three attempts to break in.

Tags: OpenSuse, ssh, suse, susefirewall, susefirewall2
Category: OpenSuse, SSH, Security

Comments are closed.