
Re: easiest way to shut down all network services besides ssh?



On Thursday, 18 December 2014, 10:39:18, Mart van de Wege wrote:
> Britton Kerin <britton.kerin@gmail.com> writes:
> > I have a system that I would like to make accessible only by ssh.
> > 
> > No apache telnet ftp anything else.
> > 
> > What is the easiest way to achieve this?  It came from a vendor with
> > a slew of packages of all sorts, so I don't even know everything that
> > I want to remove.
> 
> Simplest solution is to use iptables to reject all traffic except for
> port 22:
> 
> iptables -I INPUT -p tcp --dport 22 -j ACCEPT
> iptables -P INPUT DROP
> 
> Of course, this depends on none of the shell users having root access.
> 
> Mart

I would additionally uninstall all packages that are not needed. Maybe you can
find out with netstat which program is listening.

You might also want to install denyhosts to prevent brute force attacks. Also 
portsentry might be interesting for you.

happy hacking

Hans
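
Added example, not part of the original messages: a shell filter for the netstat check suggested above, listing every listener that is not sshd on port 22 and marking whether it is bound to loopback only. The function names `sample_netstat` and `non_ssh_listeners` are illustrative, and the netstat output is a constructed sample.

```shell
#!/bin/sh
# Added example: report listening sockets other than sshd on port 22.

# Constructed sample of `netstat -tulnp` output (run as root on a real
# host so the PID/Program column is filled in).
sample_netstat() {
cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/sshd
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1034/apache2
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      990/exim4
tcp6       0      0 :::22                   :::*                    LISTEN      812/sshd
tcp6       0      0 :::21                   :::*                    LISTEN      1101/vsftpd
udp        0      0 0.0.0.0:68              0.0.0.0:*                           640/dhclient
EOF
}

# Reads netstat output on stdin; prints "proto port program scope" for
# every listener that is not sshd on port 22.
non_ssh_listeners() {
    awk '
    $1 ~ /^(tcp|udp)6?$/ {
        # TCP rows have a State column; UDP rows leave it empty.
        if ($1 ~ /^tcp/) { if ($6 != "LISTEN") next; prog = $7 }
        else             { prog = $6 }
        port = $4; sub(/.*:/, "", port)       # text after the last colon
        host = $4; sub(/:[^:]*$/, "", host)   # text before it
        sub(/^[0-9]+\//, "", prog)            # "812/sshd" -> "sshd"
        sub(/:$/, "", prog)                   # "sshd:" -> "sshd"
        if (prog == "") prog = "-"            # no program column (not root)
        if (port == "22" && prog == "sshd") next
        # Loopback-only listeners are not reachable from the network.
        scope = (host ~ /^127\./ || host == "::1") ? "loopback" : "network"
        print $1, port, prog, scope
    }' | sort -u
}

sample_netstat | non_ssh_listeners
```

On a real host, run `netstat -tulnp | non_ssh_listeners` as root; each line names a program to stop or whose package to remove.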

