singpolyma

Asked: 2011-12-21 07:25:57 +0800 CST2011-12-21 07:25:57 +0800 CST 2011-12-21 07:25:57 +0800 CST

Slow down potential attackers

My server occasionally get massively hit by (probably bots) on a small group of IPs. Is there a good way (probably in iptables) to slow down or temporarily block/tarpit connections coming from an IP that has connected many times recently?

2 Answers

Voted

Best Answer

adaptr
2011-12-21T07:28:44+08:002011-12-21T07:28:44+08:00
Yes, iptables supports this kind of dynamic rate limiting.

See here for details: http://codingfreak.blogspot.com/2010/01/iptables-rate-limit-incoming.html
0
Tim
2011-12-21T07:51:18+08:002011-12-21T07:51:18+08:00
Maybe denyhosts would be a useful tool for you.
0

Slow down potential attackers

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?