Re: opening port for SSH

On Thursday 2005-December-08 07:43, Edwin Kapauni wrote:
> Now, I need some help teaching me how to open ports for SSH and VoIP.
> That shouldn't be too difficult, right?

SSH, simple. VOIP, depends on what protocol[s] you mean, but no, in 
general it should not be difficult.

iptables -A INPUT -p tcp --dport ssh -j ACCEPT

Ensure that your users have strong passwords and/or disable password 
authentication altogether, because many worms/bots (I think run by and 
for phishers) are probing the Internet for openings in TCP port 22 and 
attempting to log in using common usernames and passwords.

For any well-configured host these attacks are nothing more than an 
annoyance, but you might wish to do some kind of blocking to limit the 
login attempts, if for no other reason than to reduce the noise in 
logging. There have been "-m recent" and "-m limit" ideas posted here 
to do that. If you have the "recent" match extension, that is probably 
better overall, but the "limit" approach is good enough for me.
-- 
    mail to this address is discarded unless "/dev/rob0"
    or "not-spam" is in Subject: header
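
Added example, not part of the original message: one way to write the "-m recent" and "-m limit" approaches mentioned above, as a shell script that prints the rules unless told to apply them. The function name, the SSH_LIMIT chain, the "ssh" list name and the default thresholds are assumptions chosen for illustration.

```sh
#!/bin/sh
# Added example (not from the original post): throttle new SSH connections.
# RUN defaults to "echo", so rules are only printed (dry run). As root,
# RUN="" applies them. SSH_LIMIT and the list name "ssh" are arbitrary.
RUN=${RUN-echo}

is_uint() { case $1 in ''|*[!0-9]*) return 1 ;; esac; }

# ssh_limit_rules MODE [PORT] [HITS] [SECS]
#   recent: at most HITS new connections per SECS seconds, per source
#   limit : HITS new connections per minute, shared by all sources
ssh_limit_rules() {
    mode=$1 port=${2:-22} hits=${3:-4} secs=${4:-60}
    case $mode in recent|limit) ;; *) return 2 ;; esac
    is_uint "$port" && is_uint "$hits" && is_uint "$secs" || return 2
    # Keep HITS within 1..20: "recent" stores 20 timestamps per address
    # by default (module parameter ip_pkt_list_tot).
    [ "$hits" -ge 1 ] && [ "$hits" -le 20 ] || return 2

    # Packets of established sessions never count against the limit.
    $RUN iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    $RUN iptables -N SSH_LIMIT
    $RUN iptables -A INPUT -p tcp --dport "$port" -m conntrack --ctstate NEW -j SSH_LIMIT
    if [ "$mode" = recent ]; then
        # Drop a source already seen HITS times within SECS seconds ...
        $RUN iptables -A SSH_LIMIT -m recent --name ssh --update \
            --seconds "$secs" --hitcount "$hits" -j DROP
        # ... otherwise record this attempt and let it through.
        $RUN iptables -A SSH_LIMIT -m recent --name ssh --set -j ACCEPT
    else
        $RUN iptables -A SSH_LIMIT -m limit --limit "$hits/minute" \
            --limit-burst "$hits" -j ACCEPT
        $RUN iptables -A SSH_LIMIT -j DROP
    fi
}

# Stand-alone use: print the rule set for the chosen mode and port.
ssh_limit_rules "${1:-recent}" "${2:-22}"
```

The "limit" variant uses one bucket shared by every source, so a burst of probes can also delay legitimate logins; the "recent" variant tracks each source address separately.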

