BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

removing a Linux Keylogger

Subject: removing a Linux Keylogger
From: bill at horne.net (Bill Horne)
Date: Wed, 27 Jul 2005 09:52:33 -0400
In-reply-to: <20050725170752.GN20841@tao>
References: <42E516A5.5090601@neonedge.com> <02083184-70DB-45E4-A882-B3EA15F08F8E@alum.mit.edu> <42E51AC2.1030706@neonedge.com> <20050725170752.GN20841@tao>

dsr at tao.merseine.nu wrote:

>On Mon, Jul 25, 2005 at 01:00:50PM -0400, Grant M. wrote:
>  
>
> [snip]
>
>Second, you want to run a firewall on the machine that rejects
>excessive connection attempts. This iptables fragment:
>
>iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent \
>--set
>iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent \
>--update --seconds 60 --hitcount 4 -j DROP
>
>will generally prevent scriptkiddies from brute-forcing your SSH
>accounts, by limiting connection attempts to 3 per minute per IP
>address.
>
>  
>
I'm getting errors on these commands: "Unknown arg --set"

I have iptables v 1.2.6a running on Debian with the 2.4.18 kernel.

What version of iptables do I need?

TIA.

Bill

Follow-Ups:
- removing a Linux Keylogger
  - From: dsr at tao.merseine.nu (dsr at tao.merseine.nu)

References:
- removing a Linux Keylogger
  - From: grant at neonedge.com (Grant M.)
- removing a Linux Keylogger
  - From: rajiv at alum.mit.edu (Rajiv Aaron Manglani)
- removing a Linux Keylogger
  - From: grant at neonedge.com (Grant M.)
- removing a Linux Keylogger
  - From: dsr at tao.merseine.nu (dsr at tao.merseine.nu)

Prev by Date: DRM on the way...
Next by Date: removing a Linux Keylogger
Previous by thread: iptables 'recent' stuff
Next by thread: removing a Linux Keylogger
Index(es):
- Date
- Thread


BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Boston Linux & Unix / webmaster@blu.org