Good day Linux gurus,
After browsing around the forum, I did not find an answer to my question either here or on a google search. I know someone has an answer to this:
I was checking one of my servers, and had found several attacks against it in the messages log; one specific service is ssh (no surprise there);
I have the following settings in my configuration file
but I discovered a limitation; the xt_recent file is only tracking 100 entries. I at one point had over 300 hosts trying to dictionary attack my system. Granted I use public key authentication, it is traffic, and log entries I’d rather not have.
So my question is is there a ‘simple’ way (some .conf file some where, etc.) to adjust the number of hosts / ip’s xt_recent will keep track of?
Thanks for your help,