Security for your Linux SSH using iptables

A few months ago I one of the servers I was looking after got compromised. Basically some script kiddie with too much CPU power on his (her) hands succeeded in a brute-force attack logging into the ssh server. 

Of course now I'm using much longer, harder to crack passwords...

But the other new weapon in my arsenal is a very short script (basically just two lines) - to use this script save it as /etc/init.d/ssh-limit and then run 'update-rc.d -f ssh-limit defaults'. If your external interface is not eth0 then you'll have to adjust the script accordingly.

The script limits the number of connection attempts to port 22 (ssh) for any given IP to 4 attempts per minute - effectively increasing the time it takes to brute-force a password 100-fold (or even more). At that stage an attacker usually looks for an easier target...

Icon ssh-limit (368 bytes)

Next entry

Previous entry

Similar entries


  1. Marcel
    Marcel on 01/17/2012 6:38 p.m.
    Hi Martin! I hope you are doing well - I just came across your blog for the first time today. Have you checked out fail2ban? Similar concept but it covers a wider range of services. I've been running it for a while and it emails you when it bans somebody. Its quite amazing how many bots try brute force attacks every day!


Pingbacks are closed.


Post your comment