SSH Server is a frequent target of brute-force attack to get into your system. Here is a script to block unwanted connections.
# variables FW=/sbin/iptables # iptables command SSHPORT=22 # port sshd is listening to # insert the rules ${FW} -N SSH ${FW} -N SSH_ABL ${FW} -A SSH -m recent --name SSH_ABL --update --seconds 3600 -j REJECT ${FW} -A SSH -m recent --name SSH --rcheck --seconds 60 --hitcount 5 -j SSH_ABL ${FW} -A SSH_ABL -m recent --name SSH_ABL --set -j LOG --log-level warn --log-prefix "ABL: SSH: " ${FW} -A SSH_ABL -j REJECT ${FW} -A SSH -m recent --name SSH --rcheck --seconds 2 -j LOG --log-level warn --log-prefix "RATE: " ${FW} -A SSH -m recent --name SSH --update --seconds 2 -j REJECT ${FW} -A SSH -m recent --name SSH_ABL --remove -j LOG --log-level warn --log-prefix "ABL: -SSH: " ${FW} -A SSH -m recent --name SSH --set -j ACCEPT ${FW} -A INPUT -m state --state NEW -p tcp -m tcp --dport ${SSHPORT} -j SSH
Note: This script is a slight modification of http://www.itwire.com/content/view/13841/53/1/1/