Hi all!
I am trying to set up some rules against brute-force attacks because in the past days I have experienced several attacks... in one of them, they successfully registered to my Asterisk and they placed many calls around the world (from Guatemala to Nigeria...:eek:)....
I want to add some lines to my firewall-start script but I encounter a problem...
These are the lines I want to add:
Code:
# Fight the sipreg bots
iptables -I INPUT -s ! 192.168.2.1/24 -p udp --dport 5060 -m recent --set --name ASTERISK
iptables -I INPUT -s ! 192.268.2.1/24 -p udp --dport 5060 -m recent --update --seconds 15 --hitcount 10 --name ASTERISK -j DROP
#iptables -I INPUT -s ! 192.168.2.1/24 -p tcp --dport 5060 -m recent --set --name ASTERISK
#iptables -I INPUT -s ! 192.268.2.1/24 -p tcpp --dport 5060 -m recent --update --seconds 15 --hitcount 10 --name ASTERISK -j DROP
#Fight ssh brute force
iptables -N SSH_CHECK
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j SSH_CHECK
iptables -A SSH_CHECK -m recent --set --name SSH
iptables -A SSH_CHECK -m recent --update --seconds 60 --hitcount 4 --name SSH -j DROP
but I get this error:
Code:
iptables: No chain/target/match by that name
iptables v1.3.8: host/network `192.268.2.1' not found
Try `iptables -h' or 'iptables --help' for more information.
iptables: Chain already exists
iptables: No chain/target/match by that name
iptables: No chain/target/match by that name
Anyone can help me?
[edit] OK, it is related to some missing modules... but I don't know how and what to add...
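
The errors quoted in the post can be caught before any rule is loaded. The following is an added example, not part of the original post: a POSIX sh preflight that lints a rule line for invalid addresses and protocol names and checks whether a match extension such as `recent` is registered. The helper names are hypothetical, the protocol allowlist is an assumption, and it assumes the kernel exposes `/proc/net/ip_tables_matches`.

```shell
#!/bin/sh
# Added example: preflight checks for a firewall-start script (helper names are made up).

# valid_cidr ADDR[/LEN]: true only for four octets 0-255 and a prefix length 0-32.
valid_cidr() {
    addr=${1%%/*}; len=32
    case $1 in */*) len=${1#*/} ;; esac
    case $len in ''|*[!0-9]*) return 1 ;; esac
    [ "$len" -le 32 ] 2>/dev/null || return 1
    oldifs=$IFS; IFS=.; set -f; set -- $addr; set +f; IFS=$oldifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ''|*[!0-9]*) return 1 ;; esac
        [ "$o" -le 255 ] 2>/dev/null || return 1
    done
    return 0
}

# lint_rule "RULE": print space-separated findings; empty output means none.
# The protocol allowlist is an assumption; iptables accepts more names than these.
lint_rule() {
    prev=''; found=''
    set -f
    for w in $1; do
        case $prev in
            -s|-d)
                if [ "$w" = '!' ]; then continue; fi   # old-style "-s ! addr" negation
                valid_cidr "$w" || found="$found bad-address:$w" ;;
            -p)
                case $w in tcp|udp|icmp|all) ;; *) found="$found bad-protocol:$w" ;; esac ;;
        esac
        prev=$w
    done
    set +f
    echo "${found# }"
}

# have_match NAME [FILE]: is the match extension registered with the kernel?
have_match() {
    grep -qx "$1" "${2:-/proc/net/ip_tables_matches}" 2>/dev/null
}

# Rule text copied from the post; this only prints findings, nothing is applied.
lint_rule 'iptables -I INPUT -s ! 192.268.2.1/24 -p tcpp --dport 5060 -m recent --update --seconds 15 --hitcount 10 --name ASTERISK -j DROP'
# In the real script (needs root, so shown as comments):
#   have_match recent || echo "recent match not registered" >&2
#   iptables -N SSH_CHECK 2>/dev/null || iptables -F SSH_CHECK   # safe to re-run
```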