Costantino wrote:
>You can test whether that's the case or not by launching the command that I've
>provided.
Actually I can't as my firewall doesn't have any web server installed - in fact
it has no outside accessible services on it.
I did try using another box on my network as a target (rather
ll Users
Subject: Re: [Shorewall-users] constraint port access to specific application
"Costantino" wrote:
> OK, let me provide more info.
> As I discovered, using a rule like the following:
> DNATnet fw:$FW_LAN_side:22 tcp 7805
> did not prevent an attacker from going thr
"Costantino" wrote:
> OK, let me provide more info.
> As I discovered, using a rule like the following:
> DNAT net fw:$FW_LAN_side:22 tcp 7805
> did not prevent an attacker from going through my Shorewall firewall by
> issuing a command equivalent to the following:
> wget
> "http://:78
On 01/09/2013 02:04 AM, Costantino wrote:
> OK, let me provide more info.
>
>
>
> As I discovered, using a rule like the following:
>
>
>
> DNAT net fw:$FW_LAN_side:22 tcp 7805
>
>
>
> did not prevent an attacker from going through my Shorewall firewall by
> issuing a co
ting port 7805 to process sshd.
Thanks for your help,
Costa
From: Costantino [mailto:watchs...@yahoo.co.uk]
Sent: 08 January 2013 12:03
To: 'Shorewall Users'
Subject: [Shorewall-users] constraint port access to specific application
Following the discovery of an http scanning
Following the discovery of an http scanning attempt on a port on my firewall
that I intended dedicated to ssh access use, I've come to realise that I
didn't know how to use Shorewall to constraint port access to specific
application of my choice.
A quick search on the Internet did not provide me
