# Stop SSH brute force attacks

## Stop ssh brute force attack using SuSEfirewall

Edit /etc/sysconfig/SuSEfirewall2:

do not open ssh ports here

`FW_SERVICES_EXT_TCP=""`  
`FW_CONFIGURATIONS_EXT=""`

add this rule

`FW_SERVICES_ACCEPT_EXT="0.0.0.0/0,tcp,22,,hitcount=3,blockseconds=60,recentname=ssh"`

Restart firewall:

`rcSuSEfirewall2 restart`

Now attacker will just have three attempts to break in.