Re: SSHD: Limit login attempt rate
- From: Andrew Gideon <c172driver1@xxxxxxxxxx>
- Date: Sun, 27 Jul 2008 16:14:08 +0000 (UTC)
On Fri, 25 Jul 2008 05:45:08 -0700, bmearns wrote:
This is also my main reason for not moving the server to another port: I need to
be able to access it from a handful of networks that lock down all but
standard ports (i.e., from within these networks, you can't connect to
remote hosts on ports other than, say, 80, 8080, 22, and maybe a few
others), so I'm not clear on how port knocking would be any different in
this aspect?
There are some fun variations on port knocking. For example, what about
a login-protected https:// URL? A connection there causes the iptables
entry that opens the port to the transmitting URL. The down side is that
a forced web proxy can mess with this, esp. if the sender is in RFC1918
address space.
Another is eavesdropping (via logging to syslog which is directed to a
pipe that a daemon is reading) on the query stream of a DNS server. The
proper query from a given IP opens SSH access to that IP. This only
works if the sending computer is permitted to make DNS requests directly
(as opposed to via separate resolvers).
- Andrew
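The two knock variants described in the message above, worked through as an added example (this is not code from the original post or from its author). Both triggers end in the same action, inserting an iptables rule that allows the knocking address to reach port 22, so one controller serves both: `knock_from_dns_line` watches the query stream the post describes (a BIND-style query-log layout and the knock name `open-sesame.example.net` are constructed assumptions, as are the sample log lines), and `knock_from_https` decides what to open after an authenticated HTTPS request. The refusal of RFC1918 sources and of requests that arrive through a proxy is a policy choice that encodes the post's caveat: in those cases the address the server sees is not the host that will later ssh in. The iptables call goes through an injectable executor so the logic can be exercised without root.

```python
"""Port-knock controller driven by a DNS query log or an authenticated HTTPS hit.

Added example; the knock name, the log format and the rule shape are assumptions.
"""
import ipaddress
import re
import subprocess
from typing import Callable, List, Optional

# Constructed placeholder: the pre-agreed query name that acts as the knock.
KNOCK_NAME = "open-sesame.example.net"
SSH_PORT = 22

# Constructed sample lines in a BIND-like query-log layout (the post does not name
# the DNS server, so the regex below is an assumption about the format).
SAMPLE_DNS_LOG = """\
27-Jul-2008 16:10:01.123 client 203.0.113.7#53412: query: www.example.net IN A +
27-Jul-2008 16:10:05.456 client 203.0.113.7#53413: query: open-sesame.example.net IN A +
27-Jul-2008 16:10:09.789 client 10.0.0.5#4000: query: open-sesame.example.net IN A +
27-Jul-2008 16:10:12.000 client 198.51.100.9#5353: query: Open-Sesame.Example.Net. IN AAAA +
"""

QUERY_RE = re.compile(r"client (?P<ip>[0-9a-fA-F.:]+)#\d+: query: (?P<name>\S+)")

# Sources for which an ACCEPT rule is pointless or wrong: RFC1918 space (the case
# the post warns about), loopback and link-local, plus their IPv6 counterparts.
_NOT_OPENABLE = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10",
)]

Executor = Callable[[List[str]], None]


def is_openable(ip: str) -> bool:
    """True only for a syntactically valid address outside the excluded ranges."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return not any(addr in net for net in _NOT_OPENABLE)


def iptables_allow_rule(ip: str, port: int = SSH_PORT) -> List[str]:
    """Command line that inserts an ACCEPT rule for this source at the top of INPUT."""
    return ["iptables", "-I", "INPUT", "-s", ip, "-p", "tcp",
            "--dport", str(port), "-j", "ACCEPT"]


def knock_from_dns_line(line: str) -> Optional[str]:
    """Return the client IP if this log line is the agreed knock query, else None."""
    m = QUERY_RE.search(line)
    if not m:
        return None
    # DNS names are case-insensitive and may carry a trailing dot.
    name = m.group("name").rstrip(".").lower()
    if name != KNOCK_NAME:
        return None
    ip = m.group("ip")
    return ip if is_openable(ip) else None


def knock_from_https(remote_addr: str, forwarded_for: Optional[str] = None) -> Optional[str]:
    """Decide which address an authenticated HTTPS request should open.

    Only the TCP peer address is trusted. X-Forwarded-For is client-supplied and
    is never used as the address to open; its presence only signals the proxied
    case from the post, which is refused because the peer we see is the proxy.
    """
    if forwarded_for is not None:
        return None
    return remote_addr if is_openable(remote_addr) else None


def process_dns_log(text: str, execute: Executor) -> List[str]:
    """Feed each line of the query stream to the knock check; open every hit once."""
    opened: List[str] = []
    for line in text.splitlines():
        ip = knock_from_dns_line(line)
        if ip and ip not in opened:
            execute(iptables_allow_rule(ip))
            opened.append(ip)
    return opened


def run_iptables(cmd: List[str]) -> None:
    """Real executor: needs root. Pass a recording function instead to test."""
    subprocess.run(cmd, check=True)


if __name__ == "__main__":
    # Dry run against the constructed log: print the rules instead of inserting them.
    process_dns_log(SAMPLE_DNS_LOG, lambda cmd: print(" ".join(cmd)))
```

In the syslog-to-pipe setup the post describes, the daemon would read the pipe line by line and call `knock_from_dns_line` on each, passing `run_iptables` as the executor; the rules inserted here have no expiry, so a real deployment would also want to remove them after a fixed time.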