[sllug-members]: SSH question
mark.k.spute at L-3com.com
Thu Apr 17 09:13:56 MDT 2008
I didn't restart the server but I did
service sshd reload
I don't think I can forward from one port to another with my existing
router. I can only forward to an IP address.
Another way of putting this I guess is my router allows me to block all
ports except certain ones that I can forward to a certain ip address,
but not to a certain [ip address/port number] combination. The router
isn't smart enough to do that. (I don't think. I'll have to check it
out later.)
The effect, I think, is that if you try to connect to the public IP
address through port 3022, it passes that connection to port 3022 on the
server on its private IP address.
Mark
-----Original Message-----
From: sllug-members-bounces at sllug.org
[mailto:sllug-members-bounces at sllug.org] On Behalf Of Remo Mattei
Sent: Thursday, April 17, 2008 8:59 AM
To: Salt Lake Linux Users Group Discussions
Subject: Re: [sllug-members]: SSH question
-- Dr. Emilio Lizardo
Did you restart the server? Are you doing a port forwarding on your
router? I think you should leave the port on your server at 22 then the
router will forward your port 3022 session to the server port 22...
Remo
mark.k.spute at l-3com.com wrote:
> I only have one of those cheapie Qwest supplied 4 port DSL routers. I
> think it only allows me to select groups of ports (i.e. ports 22 through
> 25) and forward them to one IP address.
>
> I told the router to listen on port 3022 and forward that to the
> server. Then I set up the server to listen on port 3022 for SSH and
> SSHD. But since then, I can't SSH into the server.
>
> mark
>
> -----Original Message-----
> From: sllug-members-bounces at sllug.org
> [mailto:sllug-members-bounces at sllug.org] On Behalf Of Matthew Hatch
> Sent: Thursday, April 17, 2008 8:04 AM
> To: Salt Lake Linux Users Group Discussions
> Subject: Re: [sllug-members]: SSH question
>
> I usually leave the server listening on port 22 and just do a port
> redirect from incoming port whatever to port 22 on the server. If
> your router supports that, it's the easier way to go. Then you only
> have to worry about different ports when you're outside of your
> firewall.
>
> mark.k.spute at l-3com.com wrote:
>> Good Morning List
>>
>> <alert=newbie>
>>
>> I have a server at home (FC-1) running Bind, Sendmail, Apache,
>> procmail, etc. It's my mail and webserver only. I have been getting
>> a large number of dictionary attacks on SSH. In excess of 500 per
>> day. I'm trying to tighten up my security. I started by changing SSH
>> from listening on port 22 to listening on port 3022. I updated both
>> SSH.config and SSHD.config to listen on port 3022. I also changed the
>> port forwarding on my router to forward port 3022 to the server's IP
>> address. After reloading SSHD I tried to log in to my server using
>> putty from inside the firewall, and I've tried to login using putty
>> from outside the firewall, but I cannot connect.
>>
>> What am I doing wrong?
>>
>> Also, I am aware that security by obfuscation is not a good way to
>> lock down a server, but it's just the first layer of what I hope will
>> be a multi-layer approach.
>>
>> </alert>
>>
>> Thanks for listening.
>>
>> Mark
______________________________________________________________________
See http://www.sllug.org/ for latest SLLUG news, information, links.
Join SLLUG and other UT LUG members on irc.FreeNode.net channel #Utah
sllug-members at sllug.org
http://www.sllug.org/cgi-bin/mailman/listinfo/sllug-members
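
An added example, not part of the original message or of any reply in the thread: a shell check of the point the thread turns on, that a forwarded connection only succeeds if it arrives on a port sshd actually listens on. The function names and the sample config are constructed for illustration, and only whitespace-separated `Port` lines are handled.

```shell
#!/bin/sh
# Constructed sample sshd_config (not from the thread). The commented
# default line is ignored by sshd; only the uncommented Port line counts.
SAMPLE_CONFIG='# constructed sample
#Port 22
Protocol 2
Port 3022
PermitRootLogin no'

# Print every port sshd would listen on for the config text on stdin.
# Keywords are case-insensitive; with no Port directive sshd uses 22.
sshd_ports() {
    awk '
        $1 ~ /^#/ { next }    # skip comment lines
        tolower($1) == "port" && $2 ~ /^[0-9]+$/ { print $2; found = 1 }
        END { if (!found) print 22 }
    '
}

# forward_lands CONFIG_TEXT EXTERNAL_PORT [TARGET_PORT]
# TARGET_PORT defaults to EXTERNAL_PORT, which models a router that can
# only pass a port through unchanged. Pass TARGET_PORT for a router that
# can redirect (for example external 3022 to server port 22).
# Returns 0 if the forwarded connection arrives on a port sshd listens on.
forward_lands() {
    target=${3:-$2}
    printf '%s\n' "$1" | sshd_ports | grep -qx "$target"
}

# Same-port forward: sshd must itself be on 3022.
if forward_lands "$SAMPLE_CONFIG" 3022; then
    echo "3022 -> 3022: sshd is listening"
fi
# Redirect 3022 -> 22 against this config fails, since sshd left port 22.
if ! forward_lands "$SAMPLE_CONFIG" 3022 22; then
    echo "3022 -> 22: nothing listening on 22"
fi
```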