[ale] iptables

Ken Ratliff forsaken at targaryen.us
Fri Jan 16 18:00:15 EST 2009


If I remember right, it creates the fail2ban chain, and when an ssh  
connection comes in, it references that chain to see if the IP is in  
the list, if it is, it drops it, otherwise it lets it go. I use it on  
my webserver, since it's a frequent target of brute force  
authentication attempts.

On Jan 16, 2009, at 5:19 PM, Paul Cartwright wrote:

> On Fri January 16 2009, Ken Ratliff wrote:
>> *filter
>>
>> :fail2ban-ssh - [0:0]
>>
>> -A INPUT -p tcp -m tcp --dport 22 -j fail2ban-ssh
>> -A fail2ban-ssh -j RETURN
>
> I looked up fail2ban, looks like it isn't ready for stable yet..
> yet aptitude install fail2ban worked.. I use ssh, what exactly does  
> those
> lines do for you??
>
> -- 
> Paul Cartwright
> Registered Linux user # 367800
> Registered Ubuntu User #12459
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20090116/67aa9d35/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part
Url : http://mail.ale.org/pipermail/ale/attachments/20090116/67aa9d35/attachment.bin 


More information about the Ale mailing list