Posted on 2015/03/18 18:35
Filed Under Linux Technical Documents/Tips & Tech

- Password attacks:

iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set --name SSHSCAN

iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 8 --rttl --name SSHSCAN -j LOG --log-prefix SSH_SCAN:

iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 8 --rttl --name SSHSCAN -j DROP

Or:

    # /etc/rc.d/init.d/iptables save
    # vi /etc/sysconfig/iptables

    # Generated by iptables-save v1.4.7 on Mon Nov 24 18:13:04 2014
    *filter
    :INPUT ACCEPT [77821:18947147]
    # Added rules
    -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set --name SSHSCAN
    -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 8 --rttl --name SSHSCAN -j LOG --log-prefix SSH_Scan:
    -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 8 --rttl --name SSHSCAN -j DROP
    # End of added rules
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [76355:16945171]
    COMMIT
    # Completed on Mon Nov 24 18:13:04 2014

    # /etc/rc.d/init.d/iptables start
    # chkconfig --level 345 iptables on

Install fail2ban: http://www.fail2ban.org
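How the three SSHSCAN rules above interact, as an added example that is not part of the original post: a simplified Python model of the recent match (the --rttl check is left out) run over constructed connection attempts. The class and function names, the sample address 198.51.100.7, and the per-source limit of 20 timestamps (the xt_recent module default) are assumptions of this sketch.

```python
from collections import deque

SECONDS, HITCOUNT = 60, 8   # values from the three SSH rules on this page
PKT_LIST_TOT = 20           # assumed: xt_recent default timestamps kept per source


class RecentList:
    """Simplified model of one xt_recent list such as SSHSCAN (TTL check omitted)."""

    def __init__(self):
        self.stamps = {}  # source address -> most recent timestamps

    def set(self, src, now):
        # --set: always record the packet; the rule itself always matches.
        self.stamps.setdefault(src, deque(maxlen=PKT_LIST_TOT)).append(now)

    def update(self, src, now):
        # --update --seconds N --hitcount M: match when at least M recorded
        # timestamps are no older than N seconds; a match records `now` again.
        seen = self.stamps.get(src)
        if seen is None:
            return False
        hit = sum(1 for t in seen if now - t <= SECONDS) >= HITCOUNT
        if hit:
            seen.append(now)
        return hit


def run_chain(events):
    """Pass (time, src) NEW packets to port 22 through the three rules in order."""
    table, verdicts = RecentList(), []
    for now, src in events:
        table.set(src, now)                # rule 1: --set, no target
        table.update(src, now)             # rule 2: -j LOG, non-terminating
        dropped = table.update(src, now)   # rule 3: -j DROP
        verdicts.append("DROP" if dropped else "PASS")
    return verdicts


# Constructed traffic: one source connecting every 5 seconds for a minute,
# then returning 61 seconds after its last attempt.
ATTEMPTS = [(t, "198.51.100.7") for t in range(0, 60, 5)] + [(116, "198.51.100.7")]

if __name__ == "__main__":
    for (t, src), verdict in zip(ATTEMPTS, run_chain(ATTEMPTS)):
        print(f"t={t:>3}s {src} {verdict}")
```

The eighth new connection inside 60 seconds is the first one dropped, and every dropped attempt refreshes the entry, so the source stays blocked until it has been quiet for more than 60 seconds.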

- DDoS attacks:

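iptables -A INPUT -p tcp --dport 80 -m recent --update --seconds 1 --hitcount 10 --name HTTP -j DROP

As with the SSH rules above, the recent match only fires for source addresses already recorded in the HTTP list, so this rule needs a preceding rule with -m recent --set --name HTTP.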

-아랑 -
by 서진우