Re: iptables: identify host with DSL/Fritzbox

To: debian-isp@lists.debian.org
Subject: Re: iptables: identify host with DSL/Fritzbox
From: Keith Edmunds <kae@midnighthax.com>
Date: Tue, 20 Jan 2009 14:05:01 +0000
Message-id: <[🔎] 20090120140501.5f8461e3@kae.tiger-computing.co.uk>
In-reply-to: <[🔎] 8763kanr4l.fsf@kassiopeya.MSHEIMNETZ>
References: <[🔎] 87k58rx7vr.fsf@kassiopeya.MSHEIMNETZ> <[🔎] 20090119223749.70add867@aspire.in.tiger-computing.com> <[🔎] 8763kanr4l.fsf@kassiopeya.MSHEIMNETZ>

On Tue, 20 Jan 2009 12:39:22 +0100, sebastian_rose@gmx.de said:

> Wouldn't this mean to run a second sshd (with the certificate)?

No.

> The sense of my little defense program is to avoid brute force attacks
> too. How would I do that in that case?

No change.

An OpenVPN connection can be separately firewalled on your server. You
could allow SSH access to all connections coming in over the VPN. No need
for a second sshd, and no change to the scanning for other intruders
(except don't block port 1194 UDP, which is OpenVPN's default port,
obviously).


-- 
|Keith Edmunds
|Tiger Computing Ltd
|"The Linux Specialists"
|
|Tel: 033 0088 1511
|Web: http://www.tiger-computing.co.uk
|
|Registered in England. Company number: 3389961
|Registered address: Wyastone Business Park,
| Wyastone Leys, Monmouth, NP25 3SR

Reply to:

Follow-Ups:
- Re: iptables: identify host with DSL/Fritzbox
  - From: Sebastian Rose <sebastian_rose@gmx.de>

References:
- iptables: identify host with DSL/Fritzbox
  - From: Sebastian Rose <sebastian_rose@gmx.de>
- Re: iptables: identify host with DSL/Fritzbox
  - From: Keith Edmunds <kae@midnighthax.com>
- Re: iptables: identify host with DSL/Fritzbox
  - From: Sebastian Rose <sebastian_rose@gmx.de>

Prev by Date: Etch and MySQL 5.1 (64-bit)
Next by Date: Re: Etch and MySQL 5.1 (64-bit)
Previous by thread: Re: iptables: identify host with DSL/Fritzbox
Next by thread: Re: iptables: identify host with DSL/Fritzbox
Index(es):
- Date
- Thread