Tuesday, 6 March 2012

iptables: Blocking attacking IP addresses

Excellent article on using iptables to block an attacking IP address.


I needed to block a known russian SSH/SFTP hacker.

iptables -A INPUT -s -j DROP

Even better for automated blocking of attackers is denyhosts. DenyHosts is a script intended to be run by Linux system administrators to help thwart SSH server attacks (also known as dictionary based attacks and brute force attacks).


No comments: