Re: [CentOS] sshd: Authentication Failures: 137 Time(s)

> Hi, > > to prevent scripted dictionary attacks to sshd > I applied those iptables rules: > > -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -m recent > --update --seconds 60 --hitcount 4 --name SSH --rsource -j DROP > -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -m recent --

Re: [CentOS] sshd: Authentication Failures: 137 Time(s)

> Introducing a Hawk helped us a lot. Tools like Hawk and fail2ban are quite > useful, actually only thinks like that have good impact on the bruteforce > attempts. Indeed! I run Fail2Ban not only against SSH, but against SMTP/AUTH and IMAPS/POP3S (the only client mail protocols we support). It