iptables not drop attacks

N

nikohal

Verified User
Joined
Dec 12, 2011
Messages
34
How to block bruce force attack?
I tried to config iptables, but it doesn't seems to work.

Regards, Niko H.
 

Attachments

You could better install a firewall script which can do it for you.
CSF/LFD from configserver is a very good script which also has a DA plugin.
 
I try that, but that not help me. Attacks still come in.

Regards, Niko H.
 
CSF/LFD does not block ip automaticaly.
You must install it, anyways.

Follow this guide
http://help.directadmin.com/item.php?id=380

If you allready have the button "Block IP" in Brute force section you can download this feil

Code: 
cd /usr/local/directadmin/scripts/custom
wget http://files.directadmin.com/services/all/brute_force_notice_ip.sh
chmod 700 brute_force_notice_ip.sh


This file blocks IPs when notice sendes. If you choose alert after 20 attaks and when DA notify you, will also block IP but putting the IP in Firewall.
 
Last edited:
CSF/LFD does not block ip automaticaly.
Click to expand...

No, it does. With default settings it blocks IPs far more earlier than Directadmin notice a brute-force attack from that IP sometimes.
 
That's OK, your installation might differ from mine and new installations might have other defaults which are different from yours and/or mine.
 
I tested CFS and it really block automatically IPs. It even blocks our SMTP output traffic and I don't know how to fix it. But still the attacks came through.

How fix this issue?
 

Attachments

nikohal said:
I tested CFS and it really block automatically IPs. It even blocks our SMTP output traffic and I don't know how to fix it. But still the attacks came through.

How fix this issue?
Click to expand...

And here is my network settings in attachment file.

Regards, Niko H.
 

Attachments

You must log in or register to reply here.
Back
Top