Hello,
I am attempting to create a tarpit to protect against SSH brute force
attempts. I tried this:

iptables -N SSH_Brute_Force
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j SSH_Brute_Force
iptables -A SSH_Brute_Force -s 192.168.1.254 -j RETURN
iptables -A SSH_Brute_Force -m recent --name SSH --set --rsource
iptables -A SSH_Brute_Force -m recent ! --rcheck --seconds 60 --hitcount 3 --name SSH --rsource -j RETURN
iptables -A SSH_Brute_Force -j LOG --log-prefix "SSH Brute Force Attempt: "
iptables -A SSH_Brute_Force -p tcp -j TARPIT
After I typed the last command I got this error message:
iptables: No chain/target/match by that name

What am I doing wrong?
Here is the website I used as a reference for the tarpit:
http://lists.netfilter.org/pipermail/netfilter/2005-June/060914.html

--
gentoo-user@g.o mailing list