Block brute force attacks with iptables
Because iptables comes standard with every Linux distribution we’ll skip right to setting up the specific firewall rules we need. In depth configuring of iptables takes a bit of understanding and is not within the scope of this article, but let’s take a look at these two statements:
sudo iptables -A INPUT -i eth0 -p tcp –dport 22 -m state –state NEW -m recent –set –name SSH
sudo iptables -A INPUT -i eth0 -p tcp –dport 22 …

Solaris firewalls with IPfilter
IPfilter  can be used to construct firewalls (or just to filter and/or log packets) on all supported
operating systems, which includes Solaris. I’ve installed ipfilter on roswell.sdsu.edu with
the configuration given below. Note that no packets are currently being blocked, just logged. My plan is run this for several days to “tune” it and then convert it to block unwanted packets. My concerns for tuning include udp services, passive ftp connections, and web servers not included below. If you …

Rule for port blocking.
Note that it does not start up by default, since there are no symlinks into the run-script directories.
Quick start guide:

1.
Put some lines into /etc/opt/ipf/ipf.conf such as

block in on lan0 from any to any port = 23
block in on lan0 proto icmp from any to any
block in on hme0 from any to any port = 8443
block in on hme0 from any to any port = 8080
pass in quick from 192.168.0.1/24 to any …