Re: On defense of the sshd crackers

To: debian-user@lists.debian.org
Subject: Re: On defense of the sshd crackers
From: Celejar <celejar@gmail.com>
Date: Tue, 9 Oct 2007 20:01:31 -0400
Message-id: <[🔎] 20071009200131.b99ba973.celejar@gmail.com>
In-reply-to: <[🔎] 14898.206.159.183.75.1191954650.squirrel@www.dmiyu.org>
References: <[🔎] 14898.206.159.183.75.1191954650.squirrel@www.dmiyu.org>

On Tue, 9 Oct 2007 11:30:50 -0700 (PDT)
"Steve Lamb" <grey@dmiyu.org> wrote:

>     Along with all the other excellent suggestions what I do on my machines
> is firewall off the port to the public interfaces via shorewall.  Then I
> found a portknock daemon and got it to open up the ssh port on a
> specific knock sequence.  After all that I reopened the port to any IP

Note that shorewall itself (now?) supports portknocking natively - see
shorewall-doc/html/PortKnocking.html

> Steve Lamb

Celejar
--
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator

Reply to:

Follow-Ups:
- Re: On defense of the sshd crackers
  - From: Steve Lamb <grey@dmiyu.org>

References:
- Re: On defense of the sshd crackers
  - From: "Steve Lamb" <grey@dmiyu.org>

Prev by Date: evolution sigsegv when edit-preferences
Next by Date: Re: rescue bootable cd ???
Previous by thread: Re: On defense of the sshd crackers
Next by thread: Re: On defense of the sshd crackers
Index(es):
- Date
- Thread