Re: On defense of the sshd crackers
On Tue, 9 Oct 2007 11:30:50 -0700 (PDT)
"Steve Lamb" <grey@dmiyu.org> wrote:
> Along with all the other excellent suggestions what I do on my machines
> is firewall off the port to the public interfaces via shorewall. Then I
> found a portknock daemon and got it to open up the ssh port on a
> specific knock sequence. After all that I reopened the port to any IP
Note that shorewall itself (now?) supports portknocking natively - see
shorewall-doc/html/PortKnocking.html
> Steve Lamb
Celejar
--
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator
Reply to: