On 06/30/17 17:50, jdow wrote: > On 2017-06-29 23:25, Samuel Sieb wrote: >> On 06/29/2017 06:24 PM, Doug wrote: >>> I tried to write this command to a root console in PCLInuxOS, but it got rejected. >>> >>> [root@linux1 doug]# iptables -t filter -A IN_public_deny -p tcp --dport pop3s >>> --syn -m recent --name pop3s_attack --rcheck --seconds 90 --hitcount 2 -j LOG >>> --log-prefix 'SSH2 REJECT: ' --log-level info >>> iptables: No chain/target/match by that name >>> >>> Obviously I'm doing something wrong. Do I need some file installed first? >>> If so, what file? Can you help me, please? >> >> Just ignore all this iptables stuff. It is not at all useful for you. Open the >> firewall configuration tool. In the Public zone, uncheck the ssh service. Then >> in the Options menu, select "Runtime to Permanent" to save the configuration >> change. That's all you need to do. By default the firewall is quite secure, it >> just leaves the ssh port open. > > Sometimes you MUST leave your machine open to ssh or other services. Now what, Kemo > Sabe? > > I suppose it depends on what "must" means and your situation and resources available. In my case I find it perfectly acceptable to run an openVPN server on my router and remotely access my systems via ssh after connecting. In addition my sshd_config contains PasswordAuthentication no PermitRootLogin no -- Fedora Users List - The place to go to speculate endlessly
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
