[CentOS] Paranoid Firewalling
Scot L. Harris
webid at cfl.rr.com
Wed Sep 7 00:50:47 UTC 2005
On Tue, 2005-09-06 at 20:16, Maciej Żenczykowski wrote:
> Instead of keeping the ssh port open, use something like the following:
> -A INPUT -p tcp --dport SECRETPORT# -m recent --set
> -A INPUT -p tcp --dport ssh -m state --state NEW -m recent --update --seconds 43200 -j ACCEPT
> and then before ssh'ing in from outside telnet the SECRETPORT# on the
> machine in order to open the ssh port for the next 12 hours.
> Gets rid of script kiddies.
Or just move the ssh port to another port number. I also got tired of
all the log file activity. Moved ssh to another port and have not seen
any of that traffic since then.
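
A small Python model of the two quoted rules, added here as an example and not part of either post. The port number 4711 and the sample addresses are constructed, and the `recent` semantics are modelled on the iptables-extensions man page description.

```python
# Model of the two quoted rules (added example, not netfilter code).
# "-m recent" semantics as described in the iptables-extensions man page:
#   --set     records the source address with the current time
#   --update  matches if the address was last seen within --seconds and,
#             on a match, refreshes its "last seen" time
SECRET_PORT = 4711   # constructed stand-in for SECRETPORT#
SSH_PORT = 22
WINDOW = 43200       # --seconds 43200 (12 hours)


def evaluate(packets):
    """packets: (time_s, src, dport) tuples, each a NEW TCP connection attempt.

    Returns one verdict per packet: "ACCEPT", or "FALLTHROUGH" when neither
    quoted rule accepts it and the rest of the ruleset decides.
    """
    last_seen = {}   # the default "recent" list shared by both rules
    verdicts = []
    for now, src, dport in packets:
        if dport == SECRET_PORT:
            last_seen[src] = now          # rule 1: no -j target, only records
        seen = last_seen.get(src)
        if dport == SSH_PORT and seen is not None and now - seen <= WINDOW:
            last_seen[src] = now          # rule 2: --update refreshes on match
            verdicts.append("ACCEPT")
        else:
            verdicts.append("FALLTHROUGH")
    return verdicts


# Constructed sample traffic (documentation address ranges).
SAMPLE = [
    (0,      "198.51.100.7", SSH_PORT),     # no knock yet
    (10,     "192.0.2.10",   SECRET_PORT),  # knock from 192.0.2.10
    (20,     "192.0.2.10",   SSH_PORT),     # inside the window
    (30,     "198.51.100.7", SSH_PORT),     # another host's knock does not count
    (43000,  "192.0.2.10",   SSH_PORT),     # still inside; refreshes last seen
    (86000,  "192.0.2.10",   SSH_PORT),     # 43000 s after the refresh
    (130000, "192.0.2.10",   SSH_PORT),     # 44000 s idle: window expired
]

if __name__ == "__main__":
    for packet, verdict in zip(SAMPLE, evaluate(SAMPLE)):
        print(packet, verdict)
```

The connection at 86000 s is accepted almost 24 hours after the knock because `--update` restarts the 12-hour window on every accepted new ssh connection; `--rcheck` in its place would keep the window fixed from the knock.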