Re: SSH & iptables
- From: pch0317 <pch0317@xxxxxxxxx>
- Date: Mon, 25 May 2009 18:27:37 +0200
Thanks for the answers.
Alex Samad wrote:
On Mon, May 25, 2009 at 12:53:58PM +0100, Nuno Magalhães wrote:
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -j DROP
but that will not work how you expect (don't implement it remotely)
How would one implement it remotely? I (may have) read somewhere that
blocking everything but ssh wouldn't mess with your ssh session, but
I'm not sure.
the above line would allow ssh only traffic but block everything else,
like ntp, dns, email, icmp - both inbound and outbound
maybe you should read a bit more about firewall/iptables. I believe
other people recommend shorewall as an easy / safe application to use
for firewalls.
I would also suggest if you are doing this remotely (and you have no
access to the console).
investigate screen, have one window left open with a command line
something like this running
sleep 500 && <command to undo what you are testing>
Alex
Would a cron job or a sleep do?
--
To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx
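The "sleep 500 && undo" safety net discussed in this thread, written out as an added example that is not part of the original messages. The function names `safe_apply` and `ssh_only_rules` and the overridable `IPT*` and `ROLLBACK_DELAY` variables are hypothetical; it assumes `iptables-save` and `iptables-restore` are installed.

```shell
#!/bin/sh
# Added example, not from the thread. Command names are overridable
# (assumption) so the logic can be exercised without root.
IPT=${IPT:-iptables}
IPT_SAVE=${IPT_SAVE:-iptables-save}
IPT_RESTORE=${IPT_RESTORE:-iptables-restore}
ROLLBACK_DELAY=${ROLLBACK_DELAY:-500}  # seconds, like the thread's "sleep 500"

# The thread's two rules plus loopback and reply traffic. Without the
# conntrack rule the final DROP also discards replies to the host's own
# DNS/NTP/SMTP requests.
ssh_only_rules() {
    "$IPT" -A INPUT -i lo -j ACCEPT &&
    "$IPT" -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT &&
    "$IPT" -A INPUT -p tcp --dport 22 -j ACCEPT &&
    "$IPT" -A INPUT -j DROP
}

# safe_apply BACKUP_FILE COMMAND [ARGS...]
# Returns 0 if the change was confirmed, 1 if it was rolled back by the
# timer, 2 if the snapshot failed, 3 if the change itself failed.
safe_apply() {
    backup=$1; shift
    "$IPT_SAVE" > "$backup" || return 2

    # Arm the undo first: if the change cuts the session, nobody has to
    # type anything for the old ruleset to come back.
    ( sleep "$ROLLBACK_DELAY" && "$IPT_RESTORE" < "$backup" ) &
    timer=$!

    if ! "$@"; then
        kill "$timer" 2>/dev/null
        "$IPT_RESTORE" < "$backup"
        return 3
    fi

    printf 'Type "yes" within %s s to keep the new rules: ' "$ROLLBACK_DELAY"
    read -r answer
    if [ "$answer" = "yes" ]; then
        kill "$timer" 2>/dev/null   # confirmed: disarm the rollback
        return 0
    fi
    wait "$timer"                   # not confirmed: let the rollback run
    return 1
}
```

Call it as `safe_apply /root/rules.before ssh_only_rules` from inside a screen window, as suggested in the thread, so that a dropped SSH connection does not take the background timer down with it.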