mgutt Posted December 22, 2020

I'd like to see some iptables rules that limit local brute-force attacks. The amount of requests and the period of time should be changeable through the WebGUI.

With UFW I would generate the rules as follows:

    ufw limit ssh
    ufw limit http
    ufw limit https

Which would generate iptables rules similar to this:

    -A ufw-user-input -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -m recent --set --name DEFAULT --mask 255.255.255.255 --rsource
    -A ufw-user-input -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 --name DEFAULT --mask 255.255.255.255 --rsource -j ufw-user-limit
    -A ufw-user-input -p tcp -m tcp --dport 22 -j ufw-user-limit-accept
    ...

That way a (local) bad client is not able to test passwords every millisecond or even faster. And yes, strong passwords are the most important part, I know.
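To show what the three rules above actually do per connection, here is an added simulation (my own example code, not part of the post or of ufw) of the xt_recent logic: the `--set` rule stamps the source on every NEW SYN, the `--update --seconds S --hitcount N` rule sends the packet to the limit chain once N stamps fall inside the last S seconds, and a small helper renders the same rules with configurable window and hit count. The class and function names are my own.

```python
"""Model of the xt_recent rate limit behind ufw's `limit` rules."""
from collections import defaultdict, deque


class RecentLimiter:
    """One xt_recent list (like `--name DEFAULT`) keyed by source address."""

    def __init__(self, seconds=30, hitcount=6, list_len=20):
        # list_len mirrors xt_recent's ip_pkt_list_tot (default 20): only
        # that many timestamps are kept per source, so hitcount <= list_len.
        self.seconds = seconds
        self.hitcount = hitcount
        self.stamps = defaultdict(lambda: deque(maxlen=list_len))

    def new_connection(self, src, now):
        """Verdict ('ACCEPT' or 'LIMIT') for a NEW SYN from src at time now."""
        # Rule 1 (--set): record this packet's timestamp for src.
        self.stamps[src].append(now)
        # Rule 2 (--update --seconds S --hitcount N): count stamps whose age
        # is at most S seconds; N or more of them means the rule matches.
        hits = sum(1 for t in self.stamps[src] if now - t <= self.seconds)
        if hits >= self.hitcount:
            # --update refreshes the entry only when the rule matched, so a
            # client that keeps hammering keeps extending its own block.
            self.stamps[src].append(now)
            return "LIMIT"      # -j ufw-user-limit: logged and rejected
        # Rule 3: ordinary accept.
        return "ACCEPT"


def run_trace(events, seconds=30, hitcount=6):
    """events: list of (time_in_seconds, src). Returns one verdict per event."""
    limiter = RecentLimiter(seconds, hitcount)
    return [limiter.new_connection(src, t) for t, src in events]


def limit_rules(port, seconds=30, hitcount=6, name="DEFAULT"):
    """Render the ufw-style rule triple for a port with chosen knobs."""
    common = f"-A ufw-user-input -p tcp -m tcp --dport {port}"
    track = f"-m conntrack --ctstate NEW -m recent"
    tail = f"--name {name} --mask 255.255.255.255 --rsource"
    return [
        f"{common} {track} --set {tail}",
        f"{common} {track} --update --seconds {seconds} --hitcount {hitcount} {tail} -j ufw-user-limit",
        f"{common} -j ufw-user-limit-accept",
    ]


if __name__ == "__main__":
    # Constructed trace: six SYNs from "a" within 30 s, one from "b", then "a" again later.
    trace = [(0, "a"), (1, "a"), (2, "a"), (3, "a"), (4, "a"), (5, "b"), (5, "a"), (40, "a")]
    for event, verdict in zip(trace, run_trace(trace)):
        print(event, verdict)
```

With the default 6-in-30-seconds settings the sixth attempt from the same source is rejected, while the first attempt after the window has emptied is accepted again.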