Put your sshd on another port; anyone who scans port 22 is then blocked for 10 minutes
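#!/bin/sh
# Put sshd on another port.
# Anyone who probes the usual SSH port 22 is blocked for 10 minutes.
HP_IPT='/sbin/iptables'
HP_Port=22      # decoy port; the real sshd must listen elsewhere
HP_Time=600     # block duration in seconds
# Dedicated chain, entered by all INPUT traffic whose source is not 127.0.0.1.
$HP_IPT -N honeypot
$HP_IPT -A INPUT ! -s 127.0.0.1 -j honeypot
# Drop everything from a listed source (all ports, including the real sshd port).
# --update also refreshes the timestamp, so the block ends only after $HP_Time seconds without packets.
$HP_IPT -A honeypot -m recent --update --seconds $HP_Time --name portscan -j DROP
# TCP packet to the decoy port from an unlisted source: add the source to the list and log it.
$HP_IPT -A honeypot -p tcp -m tcp --dport $HP_Port -m recent --name portscan --set -j LOG --log-prefix "IPTABLES -- HONEYPOT -- P $HP_Port " --log-level 6 --log-ip-options
# LOG is non-terminating, so the same packet reaches this rule and is dropped.
$HP_IPT -A honeypot -p tcp -m tcp --dport $HP_Port -m recent --name portscan --set -j DROP
# Everything else returns to INPUT.
$HP_IPT -A honeypot -j RETURN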
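
Because the `--update ... -j DROP` rule sits ahead of the LOG rule, a blocked source is logged only once per block episode, so each log line marks a new block rather than a single packet. The following added example (not part of the original gist) counts those episodes per source from the kernel log. The function names `honeypot_hits` and `sample_log`, the host name `gw` and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise block episodes recorded by the honeypot LOG rule.
# Reads kernel/syslog lines on stdin and prints "<episodes> <source-ip>",
# busiest source first.
HP_PREFIX='IPTABLES -- HONEYPOT -- P 22 '   # must match --log-prefix in the rules

honeypot_hits() {
    awk -v prefix="$HP_PREFIX" '
        # Only lines written by the honeypot LOG rule carry this prefix.
        index($0, prefix) {
            for (i = 1; i <= NF; i++)
                if ($i ~ /^SRC=/) { hits[substr($i, 5)]++; break }
        }
        END { for (ip in hits) print hits[ip], ip }
    ' | sort -k1,1nr -k2,2
}

# Constructed sample log (documentation addresses, hypothetical host "gw").
# Lines 4 and 5 come from other sources of log noise and must be ignored.
sample_log() {
    cat <<'EOF'
Jan 12 03:14:07 gw kernel: IPTABLES -- HONEYPOT -- P 22 IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40112 DPT=22 SYN
Jan 12 03:20:44 gw kernel: IPTABLES -- HONEYPOT -- P 22 IN=eth0 OUT= SRC=198.51.100.23 DST=192.0.2.10 PROTO=TCP SPT=51822 DPT=22 SYN
Jan 12 04:02:51 gw kernel: IPTABLES -- HONEYPOT -- P 22 IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=40977 DPT=22 SYN
Jan 12 04:05:00 gw kernel: IPTABLES -- OTHER IN=eth0 OUT= SRC=192.0.2.99 DST=192.0.2.10 PROTO=TCP SPT=1234 DPT=80 SYN
Jan 12 04:06:13 gw sshd[812]: Server listening on 0.0.0.0 port 2222.
Jan 12 09:30:12 gw kernel: IPTABLES -- HONEYPOT -- P 22 IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=42001 DPT=22 SYN
EOF
}

sample_log | honeypot_hits
```

On a live host, feed it the kernel log instead of `sample_log`, for example `journalctl -k | honeypot_hits`.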