 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
dsr at tao.merseine.nu writes:
> On Mon, Jul 25, 2005 at 02:29:29PM -0400, Don Levey wrote:
>> Dan wrote:
>>
>> So, then, adding this line in the middle:
>>
>> iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent \
>> --set
>> iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent \
>> -j LOG --log-level WARN --log-prefix REJECT-SSH --log-ip-options
>> iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent \
>> --update --seconds 60 --hitcount 4 -j DROP
>>
>> Should allow me to log this also?
>
> Certainly. I don't simply because Snort handles that for me.
>
> Do you want to log all the attempts or just those which result
> in actual DROPs?
If I wanted to only log attemps that result in actual DROPs, how would
I implement that?
Also, where in the iptables (ordered) list would I want to put these?
TIA,
> -dsr-
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord at MIT.EDU PGP key available
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
