Why not just block all incoming ports except for local/trusted IPs?

                     ¸„»°'´¸„»°'´ Vorticalbox `'°«„¸`'°«„¸
`'°«„¸¸„»°'´¸„»°'´`'°«„¸Scientia Potentia est  ¸„»°'´`'°«„¸`'°«„¸¸„»°'´

1 hour ago, KuJoe said:

Is iptables an option for you or do you need a bash script? 


iptables -A INPUT -p icmp -m limit --limit 1/s --limit-burst 1 -j ACCEPT

Hi KuJoe, could you briefly explain what the above does?

Thank you

 

1 hour ago, vorticalbox said:

Why not just block all incoming ports except for local/trusted IPs?

Hi vorticalbox, for this task, I'm assuming that everything is trusted, so I'm wanting to protect the device from a large set number of pings from a single source.

Thank you

22 hours ago, spbr said:

Hi KuJoe, could you briefly explain what the above does?

Thank you

Sorry, I was in the middle of typing something yesterday and got distracted. Basically the iptables rule I posted will allow one ICMP (ping) packet per second; after that it will go to the next rules (which should be a DROP statement).

-KuJoe
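
To illustrate the reply above, here is an added example (not part of the thread and not code from any poster): a simplified Python token-bucket model of how the `limit` match treats pings, assuming the rule is followed by a DROP rule. It goes beyond the thread by also modelling one bucket per source address, as the `hashlimit` match with `--hashlimit-mode srcip` provides; the addresses and traffic pattern are constructed.

```python
# Added example: simplified token-bucket model of iptables rate matching
# (an illustration, not the kernel's implementation).
#
# Rules being modelled; the DROP rule is the "next rule" the reply refers to:
#   iptables -A INPUT -p icmp -m limit --limit 1/s --limit-burst 1 -j ACCEPT
#   iptables -A INPUT -p icmp -j DROP
# Per-source variant (assumes the hashlimit match is available on the host):
#   iptables -A INPUT -p icmp -m hashlimit --hashlimit-name icmp_src \
#     --hashlimit-mode srcip --hashlimit-upto 1/s --hashlimit-burst 1 -j ACCEPT

COST = 1000  # one packet costs 1000 milli-tokens; integer maths avoids float drift


class Bucket:
    def __init__(self, rate_per_s, burst):
        self.rate, self.cap = rate_per_s, burst * COST
        self.tokens, self.last_ms = self.cap, 0  # bucket starts full

    def allow(self, now_ms):
        # Refill for the elapsed time, capped at the burst size.
        elapsed = now_ms - self.last_ms
        self.tokens = min(self.cap, self.tokens + elapsed * self.rate)
        self.last_ms = now_ms
        if self.tokens >= COST:
            self.tokens -= COST
            return True   # rule matches: ACCEPT
        return False      # no match: packet falls through to the DROP rule


def run(packets, per_source, rate_per_s=1, burst=1):
    """packets: (time_ms, src_ip) pairs. Returns {src_ip: [accepted, dropped]}."""
    buckets, stats = {}, {}
    for now_ms, src in sorted(packets):
        key = src if per_source else "shared"  # limit keeps one bucket for all
        bucket = buckets.setdefault(key, Bucket(rate_per_s, burst))
        counts = stats.setdefault(src, [0, 0])
        counts[0 if bucket.allow(now_ms) else 1] += 1
    return stats


# Constructed traffic: one host pings 10 times/s for 3 s, another once per second.
FLOOD = [(i * 100, "192.0.2.10") for i in range(30)]
NORMAL = [(50 + i * 1000, "192.0.2.20") for i in range(3)]

if __name__ == "__main__":
    print("limit (shared bucket):    ", run(FLOOD + NORMAL, per_source=False))
    print("hashlimit (per source IP):", run(FLOOD + NORMAL, per_source=True))
```

In the shared-bucket run the once-per-second host gets no replies because the flooding host spends every token; with one bucket per source it is unaffected.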
