[CentOS] Paranoid Firewalling

Scot L. Harris webid at cfl.rr.com
Wed Sep 7 00:50:47 UTC 2005

On Tue, 2005-09-06 at 20:16, Maciej Żenczykowski wrote:
> Instead of keeping the ssh port open, use something like the following:
> -A INPUT -p tcp --dport SECRETPORT# -m recent --set
> -A INPUT -p tcp --dport ssh -m state --state NEW -m recent --update
>    --seconds 43200 -j ACCEPT
> and then before ssh'ing in from outside telnet the SECRETPORT# on the 
> machine in order to open the ssh port for the next 12 hours.
> Gets rid of script kiddies.

Or just move the ssh port to another port number.  I also got tired of
all the log file activity.  Moved ssh to another port and have not seen
any of that traffic since then.

More information about the CentOS mailing list