Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Kill tcp connection with tcpkill on CentOS

Install tcpkill
yum -y install dsniff --enablerepo=epel

View connections
netstat -tnpa | grep ESTABLISHED.*sshd.

Block with ip tables
iptables -A INPUT -s IP-ADDRESS -j DROP

Kill connection
tcpkill -i eth0 -9 port 50185

Block brute forcing - iptables rules

iptables -L -n

iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent --set
iptables -I INPUT -p tcp --dport 22 -i eth0 -m state --state NEW -m recent  --update --seconds 600 --hitcount 3 -j DROP

iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set --name ssh --rsource
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent ! --rcheck --seconds 600 --hitcount 3 --name ssh --rsource -j ACCEPT

service iptables save
service iptables restart
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment