Re: web alternative to knockd for a "secure" sshd server?

To: debian-user@lists.debian.org
Subject: Re: web alternative to knockd for a "secure" sshd server?
From: charles norwood <crn@pacbell.net>
Date: Fri, 20 Apr 2007 19:51:50 -0700
Message-id: <[🔎] 1177123910.9191.21.camel@localhost.localdomain>
In-reply-to: <[🔎] cc703c350704200603l5319bea2u4eda8166fa443628@mail.gmail.com>
References: <[🔎] cc703c350704200247id1218efi8bcb07eafefd34fa@mail.gmail.com> <[🔎] 20070420112937.GA28413@santiago.connexer.com> <[🔎] cc703c350704200603l5319bea2u4eda8166fa443628@mail.gmail.com>

On Fri, 2007-04-20 at 16:03 +0300, Nick Demou wrote:
> On 4/20/07, Roberto C. Sánchez <roberto@connexer.com> wrote:
> > On Fri, Apr 20, 2007 at 12:47:20PM +0300, Nick Demou wrote:
> > > [...]
> > > Any other idea of simple measures that will keep as many attackers
> > > away from the one and only service that is listening to the Internet?
> > >
> > Well, if which outbound ports are available is a real concern, then
> > consider the following:
> >
> >  - rate-limit new ssh connections (I use this)
> > [this] will keep your logs from getting cluttered (and will also slow
> > attackers down greatly so that they take longer to get to other people's
> > machines).
> do you mean to configure iptables in order to limit cons/min?
> what rules do you use? any pointer to the web?
Try:
http://www.debian-administration.org/articles/187

Reply to:

References:
- web alternative to knockd for a "secure" sshd server?
  - From: "Nick Demou" <ndemou@gmail.com>
- Re: web alternative to knockd for a "secure" sshd server?
  - From: Roberto C. Sánchez <roberto@connexer.com>
- Re: web alternative to knockd for a "secure" sshd server?
  - From: "Nick Demou" <ndemou@gmail.com>

Prev by Date: Problem installing Debian Lenny "Failed to install base system"
Next by Date: Re: User level alternatives?
Previous by thread: Re: web alternative to knockd for a "secure" sshd server?
Next by thread: Re: web alternative to knockd for a "secure" sshd server?
Index(es):
- Date
- Thread