Re: block port forwarding?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]




On Thu, Feb 25, 2010 at 6:39 AM, Eero Volotinen <eero.volotinen@xxxxxx> wrote:
2010/2/25 Roland RoLaNd <r_o_l_a_n_d@xxxxxxxxxxx>:
>
> Hello,
>
>  i have internet usage rules for all of my network.
> only 2 servers have full access to the internet..
> lately i've noticed that lots of traffic being produced by the servers ..
> is there a way to know whose using port forwarding to my server so they access the internet ?
> or is there a way to block people from doing such a thing ?

Err. Disable ip_forward&nat on server and limit connections on main firewall ..

--
Eero


@Eero:
Don't be so literal.  You need to read the whole messages and understand the problem.  Just because someone calls something "forwarding" doesn't mean they are speaking in the literal Linux kernel sense of the word.

@Roland:
In addition to what some other posters have said, look at who is logged in to the server at the time.  You might find some open SSH sessions that are using port forwarding.  You can disable this by setting "AllowTcpForwarding no" in the sshd_config, but if users have shell, it will be very difficult to stop it.  You also might want to see if there is a proxy setup, or something like that.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux