
1 Nov
2011
1 Nov
'11
6:03 a.m.
Need help understanding iptables. tcp dpt:ssh state NEW recent: SET name: SSH side: source tcp dpt:ssh state NEW recent: UPDATE seconds: 90 hit_count: 4 TTL-Match name: SSH side: source should reduce brute force attack to 4 hits in 90 seconds but last -d reports hundreds of hits per ip all within a second, it then changes ip and starts again. I've not played with iptables until a week ago. I've read up on the ubuntu, centos and fedora iptables info but still the problem. Can someone please point me in a direction to stop attacks from ip addresses after a couple of attempts. Many thanks Roger