Comments on: Setting up iptables to throttle incoming ssh

By: Phil

Phil — Fri, 15 Jan 2010 23:50:09 +0000

Chris’ approach (1) doesn’t waste the SSH daemon’s time (2) is more secure since it drops packets as soon as possible and (3) is more dynamic and self-sufficient than simple throwing people in hosts.deny (which can get long, must be parsed on every connection, etc.)

By: poucet

poucet — Sun, 22 Nov 2009 09:26:20 +0000

Hello Nicolas,

Yes I know about /etc/hosts.deny. Another option would’ve been to simply blackhole traffic from ip’s using iptable. However, the reason I went with the above approach is that I did not want static permanent blocks, and I wanted to learn a bit more about iptables.

By: Nicolas Pouillard

Nicolas Pouillard — Sun, 22 Nov 2009 09:10:54 +0000

Hi,

I use denyhosts which in turn uses /etc/hosts.deny. Did you know it?