David G. Miller wrote: > David Hrb?c( <hrbac.conf@xxxxxxxxx> wrote: > >> Bazy napsal(a): >>> > And yes... I will use layer 7 filtering. >>> > http://l7-filter.sourceforge.net/protocols >>> > > Patch my kernel, my iptables, and "iptables -A INPUT -m layer7 >>> --l7proto >>> > ssh -j DROP" ;) >> >> Yes, the only way. >> D. > Silly question. If you're just going to drop all ssh connection > attempts, wouldn't it be easier to just not start sshd? Ditto for > telnet, etc? No service means nothing to connect to. > > Cheers, > Dave > Sorry, I ment -A FORWARD. My Linux box is a router. _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
Re: filtering ssh regardless of the port
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: CentOS mailing list <centos@xxxxxxxxxx>
- Subject: Re: filtering ssh regardless of the port
- From: Bazy <bazy@xxxxxxxxxxxxxxxxx>
- Date: Wed, 19 Sep 2007 17:54:10 +0300
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <46F12B14.1020905@xxxxxxxxxxxxx>
- References: <46F12B14.1020905@xxxxxxxxxxxxx>
- User-agent: Thunderbird 2.0.0.6 (Windows/20070728)
- References:
- Re: filtering ssh regardless of the port
- From: David G. Miller
- Re: filtering ssh regardless of the port
- Prev by Date: Re: Disabling shutdown and suspend for normal users
- Next by Date: RE: Server Virtualization
- Previous by thread: Re: filtering ssh regardless of the port
- Next by thread: i cant find centos 4.4
- Index(es):
 |