Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: a record?

  • From: Patrick Lynchehaun
  • Date: Wed Nov 16 07:53:10 2005

Title: Re: a record?

    In Iptables you can keep port 22 closed until needed, opening it first by telneting to a higher port say 5500 and Iptables just giving access to this ip. If you want to close it again you can telnet back in on another assigned port say 5501, thus closing ssh port to that ip.


    -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -m recent --rcheck --name SSH -j ACCEPT
    -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 5500 -m recent --name SSH --set -j DROP
    -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 5501 -m recent --name SSH --remove -j DROP

    Thanks,
          Patrick.

    >> Moving sshd from port 22 to port 137, 138 or 139. Nasty eh?
    >
    >don't do that! Lots of (access) isps around the world (esp here in
    >Europe) block those ports

    If you're going to move sshd somewhere else, port 443 is a fine
    choice.  Rarely blocked, rarely probed by ssh kiddies.  It's probed
    all the time by malicious web spiders, but since you're not a web
    server, you don't care.

    R's,
    John

This e-mail contains confidential information or information belonging
to Servecentric Ltd and is intended solely for the addressee(s). The
unauthorized disclosure, use, dissemination or copy (either in whole or
in part) of this e-mail, or any information it contains, is prohibited.
Any views or opinions presented are solely those of the author and do
not necessarily represent those of Servecentric Ltd. E-mails are
susceptible to alteration and their integrity cannot be guaranteed.
Servecentric shall not be liable for the contents of this e-mail if
modified or falsified. If you are not the intended recipient of this
e-mail, please delete it immediately from your system and notify the
sender of the wrong delivery and of the email's deletion.




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.