ป้องกัน ssh ด้วย iptables

#Brute Force Protection
iptables -N sshscan
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j sshscan
iptables -A INPUT -p tcp -m tcp --dport 22 --syn -i eth1 -j ACCEPT
iptables -A sshscan -m recent --set --name SSH
iptables -A sshscan -m recent --update --seconds 300 --hitcount 3 --name SSH -j LOG --log-level info --log-prefix "SSH brute force:"
iptables -A sshscan -m recent --update --