[sllug-members]: SSH question

Remo Mattei remo at italy1.com
Thu Apr 17 08:59:29 MDT 2008 

-- Dr. Emilio Lizardo

did you restart the server? are you doing a port forwarding on your 
router? I think you should leave the port on your server at 22 then the 
router will forward your port 3022 session to the server port 22...

Remo

mark.k.spute at l-3com.com wrote:
> I only have one of those cheapie qwerst supplied 4 port DSL routers.   I
> think it only allows me to select groups of ports (i.e. ports 22 through
> 25) and forward them to one IP address. 
> 
> I told it the router to listen on port 3022 and forward that to the
> server.  Then I set up the server to listen on port 3022 for SSH and
> SSHD.  But since then, I can't SSH into the server.
> 
> mark
> 
> -----Original Message-----
> From: sllug-members-bounces at sllug.org
> [mailto:sllug-members-bounces at sllug.org] On Behalf Of Matthew Hatch
> Sent: Thursday, April 17, 2008 8:04 AM
> To: Salt Lake Linux Users Group Discussions
> Subject: Re: [sllug-members]: SSH question
> 
> I usually leave the server listening on port 22 and just do a port
> redirect from incoming port whatever to port 22 on the server.  If your
> router supports that, it's the easier way to go.  Then you only have to
> worry about different ports when you're outside of your firewall.
> 
> mark.k.spute at l-3com.com wrote:
>> Good Morning List
>>
>> <alert=newbie>
>>
>> I have a server at home (FC-1) running Bind, Sendmail, Apache, 
>> procmail, etc.  It's my mail and webserver only.  I have been getting 
>> a large number of dictionary attacks on SSH.  In excess of 500 per 
>> day.  I'm trying to tightenup my security.  I started by changing SSH 
>> from listening on port 22 to listening on port 3022.  I updated both 
>> SSH.config and SSHD.config to listen on port 3022.  I also changed the
> 
>> port forwarding on my router to forward port 3022 to the server's IP 
>> address.  After reloading SSHD I tried to log in to my server using 
>> putty from inside the firewall, and I've tried to login using putty 
>> from outside the firewall, but I cannot connect.
>>
>> What am I doing wrong?
>>
>> Also, I am aware that security by obfuscation is not a good way to 
>> lock down a server, but it's just the first layer of what I hope will 
>> be a multi-layer approach.
>>
>> </alert>
>>
>> Thanks for listening.
>>
>> Mark
>>
>>
>> ----------------------------------------------------------------------
>> --
>>
>> ______________________________________________________________________
>> See http://www.sllug.org/ for latest SLLUG news, information, links.
>> Join SLLUG and other UT LUG members on irc.FreeNode.net channel #Utah 
>> sllug-members at sllug.org 
>> http://www.sllug.org/cgi-bin/mailman/listinfo/sllug-members
> ______________________________________________________________________
> See http://www.sllug.org/ for latest SLLUG news, information, links.
> Join SLLUG and other UT LUG members on irc.FreeNode.net channel #Utah
> sllug-members at sllug.org
> http://www.sllug.org/cgi-bin/mailman/listinfo/sllug-members
> ______________________________________________________________________
> See http://www.sllug.org/ for latest SLLUG news, information, links.
> Join SLLUG and other UT LUG members on irc.FreeNode.net channel #Utah
> sllug-members at sllug.org
> http://www.sllug.org/cgi-bin/mailman/listinfo/sllug-members
> 
> !DSPAM:4807654547321336712104!
>

More information about the sllug-members mailing list