[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: On defense of the sshd crackers

On Tue, 9 Oct 2007 11:30:50 -0700 (PDT)
"Steve Lamb" <grey@dmiyu.org> wrote:

>     Along with all the other excellent suggestions what I do on my machines
> is firewall off the port to the public interfaces via shorewall.  Then I
> found a portknock daemon and got it to open up the ssh port on a
> specific knock sequence.  After all that I reopened the port to any IP

Note that shorewall itself (now?) supports portknocking natively - see

> Steve Lamb

mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator

Reply to: