Authentication attempts limit #116

Closed
wants to merge 3 commits into from

@ranianr ranianr commented Mar 18, 2014

Some changes in etc/firewall.user and etc/config/firewall to resolve this issue #30

Block any IP address that has made more than 3 ssh connections or attempted connections within the past 3 minutes.
Add include path for etc/firewall.user to limit brute force
@@ -167,3 +166,15 @@ config rule
option src 'vpn'
option proto 'icmp'
option target 'ACCEPT'

#just a test to block certain IP !
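
Review bot: The lines added after `option target 'ACCEPT'` open with the comment `#just a test to block certain IP !`, which marks what follows as a test that blocks one specific address. A test block rule should not go into the shared UCI firewall config, where it would apply to every node that installs it; drop it from this change, or, if a block rule is really wanted, state in the comment which address it covers and why.
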
Contributor

@RaniaRho, could you remove this rule? We don't want to affect anything unnecessarily.

ranianr commented Mar 18, 2014

@dismantl removed


iptables -I INPUT -i br-lan -p tcp -m tcp --dport 22 -m recent --set --name DEFAULT --rsource

iptables -I INPUT -i br-lan-p tcp -m tcp --dport 22 -m recent --update --seconds 180 --hitcount 4 --name DEFAULT --rsource -j DROP
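
Review bot: Neither rule restricts the match to new connections, so `-m recent` counts every packet sent to port 22 rather than every connection, which is what the description asks for. With `--hitcount 4` the fifth packet of a single SSH session already matches the DROP rule, and because `--update` refreshes the entry on each match, retries keep the source blocked. Add a connection-state match such as `-m conntrack --ctstate NEW` (or `-m state --state NEW`) to both rules. Two smaller points: since both rules use `-I INPUT`, the `--update` rule ends up above the `--set` rule, so a source is dropped on its fifth counted hit rather than its fourth; and `br-lan-p` in the second rule is missing the space before `-p`.
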
Collaborator

This line causes a fatal error on startup. Should be ...br-lan -p...

@areynold
Collaborator

Even with the line 15 change (above), I'm having trouble with these rules. I get disconnected immediately on firewall restart and all subsequent ssh attempts time out. nmap shows port 22 as filtered.

@areynold
Collaborator

Couldn't append to this pull request, so incorporating the changes into #120

@areynold areynold closed this Apr 18, 2014
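
A simplified model of the `recent` match used by the two iptables rules in this pull request, added here as an illustration (it is not code from the pull request or the project). It compares counting every packet to port 22, as the rules are written, with counting only new connections. The `new_only` flag, the `PASS` label and the sample traffic are assumptions made for the example.

```python
from collections import defaultdict

WINDOW, HITCOUNT = 180, 4  # --seconds 180 --hitcount 4, as in the rules above

class RecentList:
    """Simplified model of one xt_recent list (no size cap on stored stamps)."""

    def __init__(self):
        self.stamps = defaultdict(list)  # source address -> packet timestamps

    def update(self, src, now):
        """--update: match if HITCOUNT stamps fall inside WINDOW; a match refreshes."""
        hits = [t for t in self.stamps[src] if now - t <= WINDOW]
        if len(hits) >= HITCOUNT:
            self.stamps[src].append(now)
            return True
        return False

    def set(self, src, now):
        """--set: record the packet and always match."""
        self.stamps[src].append(now)
        return True

def filter_packets(packets, new_only):
    """Verdict per (time, src, is_new) packet. Rule order is the one two
    `-I INPUT` commands produce: --update/DROP first, then --set."""
    recent, verdicts = RecentList(), []
    for now, src, is_new in packets:
        if new_only and not is_new:   # assumed fix: -m conntrack --ctstate NEW
            verdicts.append("PASS")   # neither rule matches this packet
        elif recent.update(src, now):
            verdicts.append("DROP")
        else:
            recent.set(src, now)
            verdicts.append("PASS")   # falls through to the rest of INPUT
    return verdicts

# Constructed traffic: one SSH session, a SYN followed by 7 packets, 1 s apart.
SESSION = [(t, "192.0.2.10", t == 0) for t in range(8)]
# Constructed traffic: 6 separate connection attempts (SYNs), 10 s apart.
ATTEMPTS = [(t * 10, "192.0.2.10", True) for t in range(6)]

if __name__ == "__main__":
    print("all packets :", filter_packets(SESSION, new_only=False))
    print("NEW only    :", filter_packets(SESSION, new_only=True))
    print("6 attempts  :", filter_packets(ATTEMPTS, new_only=True))
```

In the model four connection attempts pass and the fifth is dropped, because the `--update` rule is checked before the `--set` rule.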