On 2017-06-29 23:25, Samuel Sieb wrote:
> On 06/29/2017 06:24 PM, Doug wrote:
>> I tried to write this command to a root console in PCLinuxOS, but it got
>> rejected.
>> [root@linux1 doug]# iptables -t filter -A IN_public_deny -p tcp --dport pop3s
>> --syn -m recent --name pop3s_attack --rcheck --seconds 90 --hitcount 2 -j LOG
>> --log-prefix 'SSH2 REJECT: ' --log-level info
>> iptables: No chain/target/match by that name
>> Obviously I'm doing something wrong. Do I need some file installed first?
>> If so, what file? Can you help me, please?
> Just ignore all this iptables stuff. It is not at all useful for you. Open the
> firewall configuration tool. In the Public zone, uncheck the ssh service. Then
> in the Options menu, select "Runtime to Permanent" to save the configuration
> change. That's all you need to do. By default the firewall is quite secure, it
> just leaves the ssh port open.
Sometimes you MUST leave your machine open to ssh or other services. Now what,
Kemo Sabe?

I did not see how to get firewalld to do what I wanted, and what has worked for
over a decade. So I learned (again, as it had changed since last time) how to
manually drive iptables. I use iptables to create several layers of protection
around my not particularly juicy, delicious, hackerworthy machine. What ports are
open? What passwords are set? (Are passwords set? {^_-} ) And have you the
patience to wait a minute and a half between tries? (One dweeb actually was,
until I banned his IP block and changed the port.) No one of these is a "good"
defense. But, put together, the defense concept has lasted (well) over two
decades without being hacked and without inconveniencing me too much.

Now, if somebody must leave ssh open, why not facilitate using some of iptables'
more interesting features to make the nut just a little more difficult to crack
open? I consider the interface as more or less a "composite material". Composite
materials are the basis for GSA qualified safes. They're harder than heck to
drill out due to chips of very hard material in a matrix of a material that gums
up drills. The metaphor sort of works, too.
{^_^}
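An added example, not code from anyone in this thread, of the "wait a minute and a half between tries" layer described above, written for a plain iptables host. Doug's command failed because `IN_public_deny` is a chain that firewalld creates; where firewalld is not managing the tables, the chain does not exist and iptables answers "No chain/target/match by that name" (the same message appears when the `recent` match module is unavailable). The script below therefore creates its own chain. The chain name `SSH_RATELIMIT`, the recent-list name `ssh_attack` and the default port 22 are assumptions; the 90 second window and hit count of 2 follow the figures quoted in the thread.

```shell
#!/bin/sh
# Added example, not code from the thread. Rate-limits new SSH connections with
# the iptables "recent" match: a source that opens HITS or more SSH connections
# inside WINDOW seconds is logged and its further SYNs are dropped until it has
# stayed quiet for WINDOW seconds. Assumptions: sshd listens on SSH_PORT, the
# chain and list names are ours (hypothetical), and the "filter" table is not
# being managed by firewalld.
#
# Dry run (default): prints the iptables commands.   sh ssh_ratelimit.sh
# Apply (as root):                                    APPLY=1 sh ssh_ratelimit.sh

SSH_PORT="${SSH_PORT:-22}"   # assumption: sshd on 22; set SSH_PORT=2222 etc. if moved
WINDOW=90                    # seconds a source must stay quiet between attempts
HITS=2                       # connections allowed within WINDOW before blocking
CHAIN=SSH_RATELIMIT          # our own chain; IN_public_deny only exists under firewalld
LIST=ssh_attack              # kernel "recent" table name (/proc/net/xt_recent/ssh_attack)

# run: execute iptables when APPLY=1, otherwise just print the command line.
run() {
    if [ "${APPLY:-0}" = "1" ]; then
        iptables "$@"
    else
        printf 'iptables %s\n' "$*"
    fi
}

ssh_ratelimit_rules() {
    # Own chain, so the rules can be flushed and reloaded without touching INPUT.
    run -N "$CHAIN" 2>/dev/null || true      # -N fails harmlessly if it already exists
    run -F "$CHAIN"

    # 1. Record (or refresh) the source address of every new SSH connection.
    #    Because this runs on every SYN, a source that keeps knocking keeps
    #    its entry fresh and stays blocked until it is quiet for WINDOW seconds.
    run -A "$CHAIN" -m recent --name "$LIST" --set

    # 2. If the same source has now been seen HITS times within WINDOW seconds,
    #    log it. LOG is non-terminating, so the packet continues to rule 3.
    run -A "$CHAIN" -m recent --name "$LIST" --rcheck --seconds "$WINDOW" --hitcount "$HITS" \
        -j LOG --log-prefix "SSH REJECT: " --log-level info

    # 3. ...and drop it. Everything under the threshold falls out of the chain
    #    and returns to INPUT, where the normal accept rule for ssh applies.
    run -A "$CHAIN" -m recent --name "$LIST" --rcheck --seconds "$WINDOW" --hitcount "$HITS" -j DROP

    # 4. Send only new SSH SYNs through the chain; established sessions are
    #    never matched. Delete-then-insert keeps the script idempotent.
    run -D INPUT -p tcp --dport "$SSH_PORT" --syn -j "$CHAIN" 2>/dev/null || true
    run -I INPUT -p tcp --dport "$SSH_PORT" --syn -j "$CHAIN"
}

ssh_ratelimit_rules
```

With `HITS=2` a second connection from the same address inside 90 seconds is refused, which is exactly the patience test the post describes; it also means you cannot open two sessions from one address in quick succession, so raise `HITS` (or insert an ACCEPT for trusted source addresses ahead of the jump into `INPUT`) if that bites. The `SSH REJECT:` lines this produces in the kernel log are the place to watch for sources that are being throttled repeatedly.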
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx