Firewall and TCP

Raman Gupta rocketraman at fastmail.fm
Thu Mar 24 03:51:07 UTC 2005


Michael Marsh wrote:

>I have a hardware firewall that forwards incoming connections on port 80
>to port 22 (I can't ssh to my home box from work if I don't use port 80
>since all other outgoing ports are blocked).  I am trying to build an
>additional iptables firewall on my linux box which sits behind the
>router.  Obviously port 80 is open to the world and the world thinks it
>is an http port so I am getting a lot of hack attempts. Is there a way to
>identify any non ssh packets and stop them in their tracks?  This is
>tricky since my own ssh connection will travel to port 80 and is then
>forwarded to port 22 behind the router.  Are TCP packets identified by
>port number or service type or both?  Thanks in advance... I need a
>little education.
>

I've never done it myself, but you could also try using a port knocker, 
which would make the port appear closed to the rest of the world. This 
would perhaps be a good approach to use in combination with some of the 
other suggestions.

http://www.portknocking.org/view/

Cheers,
Raman Gupta
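Added example, not part of the thread above: a port-knock ruleset for iptables built on the kernel's "recent" match, the in-kernel way to do what the portknocking.org link describes. The knock sequence (TCP 7000, 8000, 9000), the 10 second inter-knock window, the 30 second open window and the protected local port 22 are all assumed values; it also assumes the router forwards the knock ports to the Linux box as well as port 80 -> 22. The script prints the rules so they can be reviewed before being piped into a shell.

```shell
#!/bin/sh
# Added example (not from the mailing-list thread): three-step port knocking
# with iptables' "recent" match. A source address must hit KNOCK1, KNOCK2 and
# KNOCK3 in order; only then does a connection to SERVICE_PORT get through.
# All values below are assumptions for the example and can be overridden
# from the environment.

KNOCK1=${KNOCK1:-7000}
KNOCK2=${KNOCK2:-8000}
KNOCK3=${KNOCK3:-9000}
SERVICE_PORT=${SERVICE_PORT:-22}
KNOCK_WINDOW=${KNOCK_WINDOW:-10}   # seconds allowed between two knocks
OPEN_WINDOW=${OPEN_WINDOW:-30}     # seconds the service stays reachable after the last knock

# Emit the iptables commands instead of running them, so the ruleset can be
# reviewed first. Apply with: ./knock.sh | sh
knock_rules() {
    cat <<EOF
iptables -N KNOCKING
iptables -N GATE1
iptables -N GATE2
iptables -N GATE3
iptables -N PASSED
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -j KNOCKING
iptables -A KNOCKING -m recent --rcheck --seconds $OPEN_WINDOW --name AUTH3 -j PASSED
iptables -A KNOCKING -m recent --rcheck --seconds $KNOCK_WINDOW --name AUTH2 -j GATE3
iptables -A KNOCKING -m recent --rcheck --seconds $KNOCK_WINDOW --name AUTH1 -j GATE2
iptables -A KNOCKING -j GATE1
iptables -A GATE1 -p tcp --dport $KNOCK1 -m recent --name AUTH1 --set -j DROP
iptables -A GATE1 -j DROP
iptables -A GATE2 -m recent --name AUTH1 --remove
iptables -A GATE2 -p tcp --dport $KNOCK2 -m recent --name AUTH2 --set -j DROP
iptables -A GATE2 -j GATE1
iptables -A GATE3 -m recent --name AUTH2 --remove
iptables -A GATE3 -p tcp --dport $KNOCK3 -m recent --name AUTH3 --set -j DROP
iptables -A GATE3 -j GATE1
iptables -A PASSED -m recent --name AUTH3 --remove
iptables -A PASSED -p tcp --dport $SERVICE_PORT -j ACCEPT
iptables -A PASSED -j GATE1
EOF
}

# Each GATEn chain first forgets the previous stage for this address, so a
# packet to the wrong port (a port scan, for instance) resets the sequence
# instead of advancing it. PASSED removes AUTH3, so one knock sequence admits
# exactly one new connection; existing sessions are kept by the
# ESTABLISHED,RELATED rule.
knock_rules
```

From the outside the box now looks closed on every port, including the forwarded one, until the sequence has been sent. Two caveats worth keeping in mind for the setup in the question: the knock packets have to reach the Linux box, so the router must forward those ports too, and a network that only lets port 80 out will not let the knocks out either. The sequence is also visible to anyone who can sniff the path, so it cuts down on the automated noise but is not a substitute for SSH's own authentication.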

More information about the fedora-list mailing list