Modifying the SSH ban list.

6 04 2009

Hi everybody!

How many times have you locked yourself out of your remote server by being too quick for your own good? My servers are all set to ban an IP after 3 connection attempts within a minute, so it happens quite regularly that I lock myself out.

The lists of banned IPs are kept under /proc/net/ipt_recent, one ‘file’ per list (BAN_LIST_NAME below stands for the name of your list). There are a couple of commands such a ‘file’ understands…

To see what IPs are currently banned, use:

cat /proc/net/ipt_recent/BAN_LIST_NAME

To remove an IP from the list use:

echo "-xxx.xxx.xxx.xxx" > /proc/net/ipt_recent/BAN_LIST_NAME

To add a suspicious or known bad IP:

echo "+xxx.xxx.xxx.xxx" > /proc/net/ipt_recent/BAN_LIST_NAME

To remove all entries (not really a very good idea):

echo "clear" > /proc/net/ipt_recent/BAN_LIST_NAME
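
The commands above, wrapped into small shell helpers that validate the list name and the address before anything is written to the proc file. This is an added example, not part of the original post; the RECENT_DIR override, the function names and the sample entry format are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. RECENT_DIR can be overridden
# (an assumption made here so the helpers can be tried on ordinary files).
RECENT_DIR="${RECENT_DIR:-/proc/net/ipt_recent}"

# Succeed only for a dotted-quad IPv4 address with every octet in 0-255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Succeed only for a plain list name, so it cannot point outside RECENT_DIR.
valid_list() {
    case "$1" in
        ''|*/*|.*) return 1 ;;
    esac
}

# Print the addresses in list $1, one per line. Entries are expected to
# look like "src=203.0.113.7 ttl: 64 last_seen: ..." (constructed sample).
list_banned() {
    valid_list "$1" || return 2
    sed -n 's/^src=\([0-9.]*\) .*/\1/p' "$RECENT_DIR/$1"
}

# Succeed if address $2 is in list $1; -x stops 1.2.3.4 matching 1.2.3.40.
is_banned() {
    list_banned "$1" | grep -qxF "$2"
}

# Remove address $2 from list $1 by writing "-ADDR", as the post does.
unban() {
    valid_list "$1" || { echo "unban: bad list name: $1" >&2; return 2; }
    valid_ipv4 "$2" || { echo "unban: bad address: $2" >&2; return 2; }
    [ -w "$RECENT_DIR/$1" ] || { echo "unban: no such list: $1" >&2; return 3; }
    echo "-$2" > "$RECENT_DIR/$1"
}
```

Source the file as root, then run for example: is_banned BAN_LIST_NAME 203.0.113.7 && unban BAN_LIST_NAME 203.0.113.7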

That’s all for now.

n00b
