Stop ssh brute force attack using SuSEfirewall

Edit /etc/sysconfig/SuSEfirewall2:

#do not open ssh ports here
FW_SERVICES_EXT_TCP=""
FW_CONFIGURATIONS_EXT=""

#add this rule
FW_SERVICES_ACCEPT_EXT="0.0.0.0/0,tcp,22,,hitcount=3,blockseconds=60,recentname=ssh"

#Restart firewall:
rcSuSEfirewall2 restart

Now attacker will just have three attempts to break in.

This entry is filed under Security. You can follow any responses to this entry through the RSS 2.0 feed.