[colug-432] IPtables

Steve VanSlyck s.vanslyck at postpro.net
Wed May 13 10:17:49 EDT 2015


Looks like I do. I'll move it down.


On Wed, May 13, 2015, at 10:10, Tim Randles wrote:
> Do you have an iptables rule ahead of that drop rule allowing SSH
> inbound?
>
> On Wed, May 13, 2015 at 7:28 AM, Steve VanSlyck
> <s.vanslyck at postpro.net> wrote:
>> __
>> Hi.
>>
>> I have this rule set it IPTABLES:
>>
>> Chain INPUT (policy DROP 1 packets, 44 bytes) pkts bytes target prot
>> opt in out source destination
>>
>> 4 212 DROP all -- * * 213.0.0.0/8 0.0.0.0/0
>>
>> However I still see attacks from 213.30.22.232 with username attempts
>> in the log. It seems iptables is not dropping the connection if it
>> gets to the point where submitting a user login name is allowed.
>>
>> Comments?
>>
>>
>> _______________________________________________
>>
colug-432 mailing list
>> colug-432 at colug.net http://lists.colug.net/mailman/listinfo/colug-432
>>
>
> _________________________________________________
> colug-432 mailing list colug-432 at colug.net
> http://lists.colug.net/mailman/listinfo/colug-432

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.colug.net/pipermail/colug-432/attachments/20150513/9443c331/attachment-0001.html 


More information about the colug-432 mailing list