Re: easiest way to shut down all network services besides ssh?
Britton Kerin <britton.kerin@gmail.com> writes:
> I have a system that I would like to make accessible only by ssh.
>
> No apache telnet ftp anything else.
>
> What is the easiest way to achieve this? It came from a vendor with
> a slew of package of all sorts, so I don't even know everything that
> I want to remove.
>
Simplest solution is to use iptables to reject all traffic except for
port 22:
iptables -I INPUT -p tcp --dport 22 -j ACCEPT
iptables -P INPUT DROP
Of course, this depends on none of the shell users having root access.
Mart
--
"We will need a longer wall when the revolution comes."
--- AJS, quoting an uncertain source.
Reply to: