iptables ftp bruteforce block example

-A INPUT -p tcp --dport 20 -j ACCEPT
-A INPUT -p tcp --match multiport --dports 64000:65535 -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 21 -m recent --name ftpattack --set
-A INPUT -p tcp --dport 21 -m state --state NEW -m recent --name ftpattack --rcheck --seconds 60 --hitcount 4 -j LOG --log-prefix "FTP REJECT: "
-A INPUT -p tcp --dport 21 -m state --state NEW -m recent --name ftpattack --rcheck --seconds 60 --hitcount 4 -j REJECT --reject-with tcp-reset
-A INPUT -p tcp --syn --dport 21 -j ACCEPT

Linux technical support - [email protected]

iptables ftp bruteforce block example

Leave a Reply Cancel reply