Re: [CentOS] [SOLVED] iptables rule question for Centos 5

2012-08-08 Thread Blackburn, Marvin
George -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of SilverTip257 Sent: Friday, August 03, 2012 11:21 PM To: CentOS mailing list Subject: Re: [CentOS] [SOLVED] iptables rule question for Centos 5 Marvin, You're leaving SSH open

Re: [CentOS] [SOLVED] iptables rule question for Centos 5

2012-08-08 Thread Blackburn, Marvin
] On Behalf Of Keith Roberts Sent: Saturday, August 04, 2012 2:43 AM To: CentOS mailing list Subject: Re: [CentOS] [SOLVED] iptables rule question for Centos 5 On Fri, 3 Aug 2012, SilverTip257 wrote: To: CentOS mailing list centos@centos.org From: SilverTip257 silvertip...@gmail.com Subject: Re

Re: [CentOS] [SOLVED] iptables rule question for Centos 5

2012-08-04 Thread Keith Roberts
On Fri, 3 Aug 2012, SilverTip257 wrote: To: CentOS mailing list centos@centos.org From: SilverTip257 silvertip...@gmail.com Subject: Re: [CentOS] [SOLVED] iptables rule question for Centos 5 Marvin, You're leaving SSH open to the world with that. If this is a box behind a firewall

Re: [CentOS] [SOLVED] iptables rule question for Centos 5

2012-08-04 Thread Johnny Hughes
On 08/04/2012 01:43 AM, Keith Roberts wrote: On Fri, 3 Aug 2012, SilverTip257 wrote: To: CentOS mailing list centos@centos.org From: SilverTip257 silvertip...@gmail.com Subject: Re: [CentOS] [SOLVED] iptables rule question for Centos 5 Marvin, You're leaving SSH open to the world

Re: [CentOS] [SOLVED] iptables rule question for Centos 5

2012-08-04 Thread Stephen Harris
On Sat, Aug 04, 2012 at 02:37:54AM -0500, Johnny Hughes wrote: Moving the port to a non-standard port is better than nothing ... but only by a very slight bit. It might work on the least knowledgeable script kiddies who only look at port 22, but it will do nothing to hide the fact that it is

Re: [CentOS] [SOLVED] iptables rule question for Centos 5

2012-08-03 Thread Blackburn, Marvin
We have a simple configuration so we could get by with this:

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -s SOURCIPADDRESS -j REJECT --reject-with icmp-host-prohibited

It doesn't scale well but serves the purpose.

Re: [CentOS] [SOLVED] iptables rule question for Centos 5

2012-08-03 Thread SilverTip257
Marvin, You're leaving SSH open to the world with that. If this is a box behind a firewall, then it's not _as much of a concern_ ... otherwise you're opening that server up to ssh brute force attempts. Your existing configuration is probably set up to drop/reject if traffic does not match any of