Signed-off-by: Andrew Gilmore <[email protected]> --- RHEL6/input/services/ssh.xml | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/RHEL6/input/services/ssh.xml b/RHEL6/input/services/ssh.xml index 4370eb8..93427ac 100644 --- a/RHEL6/input/services/ssh.xml +++ b/RHEL6/input/services/ssh.xml @@ -369,7 +369,7 @@ Edit the files <tt>etc/sysconfig/iptables</tt> and <tt>/etc/sysconfig/ip6tables< (if IPv6 is in use). In each file, locate the line: <pre>-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT</pre> and replace it with: -<pre>-A RH-Firewall-1-INPUT -s netwk /mask -m state --state NEW -p tcp --dport 22 -j ACCEPT</pre> +<pre>-A RH-Firewall-1-INPUT -s netwk/mask -m state --state NEW -p tcp --dport 22 -j ACCEPT</pre> </description> <rationale> Restricting SSH access to only trusted network segments reduces exposure of the SSH -- 1.7.4.4 _______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
