Re: [SOLVED] iptables rule question for Centos 5




On Fri, 3 Aug 2012, SilverTip257 wrote:

> To: CentOS mailing list <centos@xxxxxxxxxx>
> From: SilverTip257 <silvertip257@xxxxxxxxx>
> Subject: Re:  [SOLVED] iptables rule question for Centos 5
> 
> Marvin,
>
> You're leaving SSH open to the world with that.
> If this is a box behind a firewall, then it's not _as much of a
> concern_ ... otherwise you're opening that server up to ssh brute
> force attempts.
>
> Your existing configuration is probably set up to drop/reject if
> traffic does not match any of your rules, so you've nearly solved the
> "blocking all other traffic" from server2.  But you really should put
> a specific rule on server1 with source as server2 and dest port 22
> being accepted.
>
> -s server2 -p tcp --dport 22 -j ACCEPT

Or move the SSH port to a non-standard one?

Keith
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
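
A check for the condition raised in the quoted reply (an ACCEPT rule for the SSH port with no source restriction), as an added example that is not part of the original thread. The function name open_to_world, the sample ruleset and the address 192.0.2.10 standing in for server2 are assumptions; the port is a parameter so the same check applies if sshd listens somewhere other than 22.

```shell
#!/bin/sh
# Constructed sample in iptables-save format (not taken from the thread).
# 192.0.2.10 is a documentation address standing in for "server2".
SAMPLE_RULES='*filter
:INPUT DROP [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 192.0.2.10 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 0.0.0.0/0 -p tcp -m tcp --dport 2222 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT'

# Read iptables-save output on stdin and print every rule that ACCEPTs
# TCP traffic to the given port (default 22) from any source address.
# Handles single-port --dport matches only (no ranges or multiport).
open_to_world() {
    port="${1:-22}"
    awk -v port="$port" '
        $1 != "-A" { next }          # skip table, chain policy and COMMIT lines
        {
            src = ""; dport = ""; target = ""; proto = ""
            for (i = 2; i <= NF; i++) {
                if ($i == "-s" || $i == "--source") src = $(i + 1)
                if ($i == "-p")      proto  = $(i + 1)
                if ($i == "--dport") dport  = $(i + 1)
                if ($i == "-j")      target = $(i + 1)
            }
            # No -s at all, or an explicit "anywhere" source, means unrestricted.
            if (proto == "tcp" && dport == port && target == "ACCEPT" &&
                (src == "" || src == "0.0.0.0/0"))
                print
        }'
}

# On a live host the input would be: iptables-save | open_to_world 22
printf '%s\n' "$SAMPLE_RULES" | open_to_world 22
```

An empty result means every ACCEPT rule for that port is limited to a source, as with the -s server2 rule quoted above.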

