
Re: [Fedora] Re: Blocking SSH ... BUT...



Ashley M. Kirchner wrote:
Mike Wright wrote:

Allow your subnets before the above rules.  Here's a sample rule:

-A INPUT -s 10.0.0.0/24 -p tcp --dport 22 --syn -j ACCEPT
# subnet    ^^^^^^^^^^^

You'd need one rule for each subnet.

hth


   Awesome Mike, that worked like a charm.  Thanks!

Very welcome.

Somewhat related question: would the same rules work for ftp attacks as well? Obviously replacing the port number with 21, but would they work? Duplicate the lines, replace port and hope that ftp also gets curbed the same way?


I think so. I know that there are connection tracking issues with ftp but I don't think that applies here. Each connection starts with an initial NEW packet.
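To make the "one rule per subnet, then the same again for port 21" advice concrete, here is an added example (not code from the thread): a small POSIX shell script that emits the per-subnet ACCEPT rules for any port, checks each subnet is well-formed, and inserts them at increasing positions so they stay ahead of whatever rate-limiting rules already sit in INPUT. The function names, the NEXT_POS/IPTABLES variables and the subnets are assumptions for illustration.

```shell
#!/bin/sh
# Added example, not from the thread: one ACCEPT rule per trusted subnet,
# per port, placed before any rate-limiting rules already in INPUT.
# Hypothetical names: valid_cidr, gen_allow_rules, apply_allow_rules,
# NEXT_POS, IPTABLES. The subnets at the bottom are constructed samples.

IPTABLES="${IPTABLES:-echo iptables}"   # dry run; export IPTABLES=iptables to apply
NEXT_POS=1                              # next insert position in the INPUT chain

# valid_cidr SUBNET -> 0 if SUBNET looks like a.b.c.d/len (len 0..32), else 1
valid_cidr() {
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'
}

# check_subnets SUBNET... -> 1 on the first malformed subnet, 0 otherwise
check_subnets() {
    for net in "$@"; do
        valid_cidr "$net" || { echo "bad subnet: $net" >&2; return 1; }
    done
}

# gen_allow_rules PORT SUBNET... -> prints one -A rule per subnet, in the
# same form as the rule quoted above (iptables-save style); prints nothing
# and fails if any subnet is malformed.
gen_allow_rules() {
    port=$1; shift
    check_subnets "$@" || return 1
    for net in "$@"; do
        printf '%s\n' "-A INPUT -s $net -p tcp --dport $port --syn -j ACCEPT"
    done
}

# apply_allow_rules PORT SUBNET... -> inserts with -I at positions 1, 2, 3...
# so listed order is kept and every rule lands before the existing ones.
# (Inserting each at position 1 would reverse the order.)
apply_allow_rules() {
    port=$1; shift
    check_subnets "$@" || return 1
    for net in "$@"; do
        $IPTABLES -I INPUT "$NEXT_POS" -s "$net" -p tcp --dport "$port" --syn -j ACCEPT
        NEXT_POS=$((NEXT_POS + 1))
    done
}

# Constructed sample: same trusted subnets for ssh (22) and the ftp control port (21)
TRUSTED="10.0.0.0/24 192.168.1.0/24"
apply_allow_rules 22 $TRUSTED
apply_allow_rules 21 $TRUSTED
```

The port 21 rule matches only the FTP control connection; FTP data transfers are separate TCP connections and are not covered by a `--dport 21` rule.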

