[sllug-members]: SSH question
Remo Mattei
remo at italy1.com
Fri Apr 18 14:34:15 MDT 2008
I like authfail; it works like a charm. Then I have other rules in my
firewall, which runs authfail as well.
Just my 2 cents.
Remo
Knight Walker wrote:
> On Fri, 2008-04-18 at 14:00 -0600, Mark K. Spute wrote:
>> Sorry. It was a typo. I can ssh from the server console on 127.0.0.1.
>> I can ssh from other machines behind the firewall using 192.168.0.10.
>> But I can't ssh from other machines behind the firewall using the public
>> ip of 216.126.226.210.
>
> I've almost never had that work. Most firewalls don't pass traffic out
> then back in. You should try ssh'ing to your IP from an outside machine
> (ISP, friend's house, etc).
>
>> I shut down iptables using the command you listed. I still got the same
>> error message on putty as before: network error, connection refused.
>>
>> What else could it be?
>>
>> I am very interested in Dan Witts suggestion, I'm just not sure how to
>> do it.
>>
>> I'd also be interested in knowing what folks think of port knocking as
>> part of a security plan.
>
> I don't bother with it, since it requires more work on the client-side
> and most people don't want to be bothered. Those that can be bothered to
> use SSH at least.
>
>> (On the plus side, the dictionary attacks have dropped from 500+ per day
>> to zero.) :)
>
> I use a brute-force table in my IPtables to block dictionary attacks. I
> used to get hundreds, now I get maybe three from a bot before it decides
> to move on.
>
> -KW