Re: [SLE] HOWTO block a host with SuSEFirewall2?

On Thursday 22 December 2005 07:34, Andre Truter wrote:
> I have a problem on one of my servers. A specific host has been
> attacking my server via ssh for the past 5 hours.
>
> Now it is starting to cost me in bandwidth usage.
>
> How can I set up SuSEFirewall2 to just drop all packets from that specific
> host?
>
> Thanks
> --
> Andre Truter | Software Engineer | Registered Linux user #185282
> ICQ #40935899 | AIM: trusoftzaf | http://www.trusoft.za.org
>
> ~ A dinosaur is a salamander designed to Mil Spec ~

Why not try the fix i used to stop these idiots causing problems

I simply reassinged ssh to another port number that is far enough out of the
way to make it safe since then i have had no more attacks i wont publis what
port i am using but it is a five digit number , All of my machines now use
that port by default ..


Pete .


--
If Bill Gates had gotten LAID at High School do YOU think there would be a
Microsoft ? Of course NOT !

You gotta spend a lot of time at your school Locker stuffing underware up
your ass to think , I am going to take on the worlds Computer Industry

-------:heard on Cyber Radio.:-------

AFFA



--
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq@xxxxxxxx

Relevant Pages

  • Re: IPTables rules and hosts that use DHCP
    ... authentication requests with all sorts of passwords and/or usernames. ... fine until the host I am interested in changes its IP address. ... my sister and I act as backup servers for each ... Do you HAVE to have your SSH server on port 22, ...
    (comp.os.linux.misc)
  • Re: IPTables rules and hosts that use DHCP
    ... is fine until the host I am interested in changes its IP address. ... my sister and I act as backup servers for ... each other (nightly backup diffs get sent to the "remote" server), ... Do you HAVE to have your SSH server on port 22, ...
    (comp.os.linux.misc)
  • RE: application for an employment
    ... Are you looking for FTP servers that are not locked down so that you can load files without permission? ... Looking for port 80 will not always find a web site. ... A single IP address can have numerous sites that are accessed using host headers – so knowing the IP may not allow access to the site per se. ... >>> any legitimate business port scanning someone else's network. ...
    (Security-Basics)
  • Re: [SLE] HOWTO block a host with SuSEFirewall2?
    ... >> I have a problem on one of my servers. ... A specific host has been ... >> attacking my server via ssh for the past 5 hours. ...
    (SuSE)
  • Re: [SLE] HOWTO block a host with SuSEFirewall2?
    ... On Thursday 22 December 2005 09:34, Andre Truter wrote: ... > I have a problem on one of my servers. ... A specific host has been ... > attacking my server via ssh for the past 5 hours. ...
    (SuSE)