
RE: Filtering IP addresses by domain name



Ooops, there is a tiny mistake there: instead of the parameter "IP_of_your_SSH_server" you should put there the range of IPs that you DO want to have access to your SSH server box.

Regards,

Anže

-----Original Message-----
From: redhat-list-bounces redhat com [mailto:redhat-list-bounces redhat com] On Behalf Of Anže Vidmar
Sent: Monday, June 06, 2005 3:59 PM
To: General Red Hat Linux discussion list
Subject: RE: Filtering IP addresses by domain name

First of all, change the port of your SSH server; perhaps give it a large number such as 37854 (just an example). Just doing this will reduce your ssh attacks by 99% ;-)

Next, you want to change the following files to match:

/etc/hosts.deny
ALL:ALL


...and:

/etc/hosts.allow
sshd: IP_of_your_SSH_server


Next, for iptables do:

iptables -P INPUT DROP
iptables -A INPUT -p tcp -s IP_of_your_SSH_server --dport your_new_ssh_port -j ACCEPT

This should be bulletproof (in theory), but just changing the ssh port will reduce your ssh attacks by 99%, you'll see :)
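
The steps from both messages put together, as an added example that is not part of the original posts: a shell function that prints (does not apply) the TCP wrappers entries and the iptables commands for one allowed client range and one SSH port, with the correction from the follow-up applied. The function name, the 192.0.2.0 range and the loopback and ESTABLISHED rules are assumptions added here.

```shell
#!/bin/sh
# Added example: print the settings from the thread for review before applying.
# ssh_filter_rules and the sample values are hypothetical, not from the posts.

ssh_filter_rules() {
    allowed=$1   # client range allowed to reach sshd (NOT the server's own IP)
    port=$2      # the non-default port sshd listens on

    # Accept only dotted IPv4 with an optional /mask. Host names are rejected:
    # iptables resolves a name once, when the rule is added, so the rule would
    # not follow later DNS changes.
    case $allowed in
        ''|*[!0-9./]*|*/*/*) echo "bad range: $allowed" >&2; return 1 ;;
    esac
    # The port must be a number in 1..65535.
    case $port in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "bad port: $port" >&2; return 1
    fi

    # ACCEPT rules are listed before the DROP policy so a remote session is
    # not cut off halfway through. --dport needs -p tcp to be valid.
    # With policy DROP, replies to the box's own outbound connections and
    # loopback traffic need their own ACCEPT rules (added assumption).
    cat <<EOF
# /etc/hosts.deny
ALL:ALL
# /etc/hosts.allow
sshd: $allowed
# iptables
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp -s $allowed --dport $port -j ACCEPT
iptables -P INPUT DROP
EOF
}

# Constructed sample values. The dotted net/mask form is understood by both
# hosts.allow and iptables.
ssh_filter_rules 192.0.2.0/255.255.255.0 37854
```
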



