LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 02-22-2007, 12:55 AM   #1
stefaandk
Member
 
Registered: Jun 2005
Distribution: Centos
Posts: 215

Rep: Reputation: 30
Iptables rule for ftp scanning


Getting hit with FTP scanners and I would like an iptables rule that for example only allows 1 attempt per minute.

Any way that iptables can do this?

Thanks.
 
Old 02-22-2007, 01:13 AM   #2
//////
Member
 
Registered: Nov 2005
Location: Land of Linux :: Finland
Distribution: Arch Linux && OpenBSD 7.4 && Pop!_OS && Kali && Qubes-Os
Posts: 824

Rep: Reputation: 350Reputation: 350Reputation: 350Reputation: 350
This should work
Code:
iptables -A INPUT -p tcp -i eth0 --dport 21 -m limit --limit 1/m --syn -j DROP
 
Old 02-22-2007, 01:26 AM   #3
stefaandk
Member
 
Registered: Jun 2005
Distribution: Centos
Posts: 215

Original Poster
Rep: Reputation: 30
Thanks for the quick rsponse, one thing I need to add to this I just thought of is apply this rule if it comes from the same IP.

Otherwise I assume that I have 2 connections coming in in the same minute from different IP's it'll stop that as well?
 
Old 02-22-2007, 01:43 AM   #4
stefaandk
Member
 
Registered: Jun 2005
Distribution: Centos
Posts: 215

Original Poster
Rep: Reputation: 30
I'm afraid that rule doesn't work though.

Just ran it and I opened a few FTP's simultaneously no problem.

And I am on eth0

Any suggestions, thanks.
 
Old 02-25-2007, 05:19 PM   #5
stefaandk
Member
 
Registered: Jun 2005
Distribution: Centos
Posts: 215

Original Poster
Rep: Reputation: 30
I found a solution to this:

http://www.debian-administration.org/articles/187
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
iptables rule for ftp dcdbutler Linux - Networking 5 10-15-2006 12:12 PM
iptables rule clarification branden_burger Linux - Security 4 06-02-2006 04:55 PM
What is it doing this iptables rule?? lanczer Linux - Security 1 02-24-2006 11:26 AM
help with iptables rule!! vishamr2000 Linux - Security 6 11-09-2005 05:34 AM
IPTables Rule... Grim Reaper Linux - Software 8 04-28-2003 12:20 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:03 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration