Am Donnerstag, 18. Dezember 2014, 10:39:18 schrieb Mart van de Wege: > Britton Kerin <britton.ke...@gmail.com> writes: > > I have a system that I would like to make accessible only by ssh. > > > > No apache telnet ftp anything else. > > > > What is the easiest way to achieve this? It came from a vendor with > > a slew of package of all sorts, so I don't even know everything that > > I want to remove. > > Simplest solution is to use iptables to reject all traffic except for > port 22: > > iptables -I INPUT -p tcp --dport 22 -j ACCEPT > iptables -P INPUT DROP > > Of course, this depends on none of the shell users having root access. > > Mart
I would additionally uninstall all not needed packages. Maybe you can find out with netstat, which program is listening. You might also want to install denyhosts to prevent brute force attacks. Also portsentry might be interesting for you. happy hacking Hans -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/2597450.Ns2OQTrcH2@protheus2
