[CentOS] Security advice, please

Mon Mar 23 19:33:58 UTC 2009
JohnS <jses27 at gmail.com>

On Mon, 2009-03-23 at 18:37 +0000, Anne Wilson wrote:

> > Her's another example it will do what you want, your just
> > misunderstanding it. I have 2 customers that use Netgear routers. I
> > think your not setting up the Nat - Add Page.
> > http://portforward.com/english/routers/port_forwarding/Netgear/DG834G/eMule
> >.htm One thing are you using it for the DSL or another modem/router for dsl?
> > If your using two only one can be Natted and the other Main router in
> > Bridged Mode.
> The router is also the DSL modem.

Ahh, and a warning about that. Make sure after you get the port fowarding working 
that the router is not wide open. Meaning every port open. Zyxel and Netgear are 
very similiar in design (software) and both of them have this problem. This only 
occurs when it is in the routing mode

> OK - I'm thick.  I've looked at that page and seen only what I'm already 
> familiar with.  Please, in plain English, how do I set ssh to come in on port 
> 22022 (service called ext-ssh already set up for that) to be forwarded to 
> 192.168.0.xx port 22?
If you can hold your horses I may can tell you in Plain Eng later on. At
the moment I am not directly in front of one and the ones I have access
to can not be accessed over the WAN. This would be later EST Time

It gives you a choice of what ports you want the service to use. You
simply have to enter the numbers into the empty boxes (choose Custom
Service).  IE; you will have to make a Custom Service.

Looking at your port choice from a Social Engineering Stand Point your
defeating the purpose of port masking. Choosing port 22022 tells me that
you have ssh running on a server.  Non the less you can also do what
Steve said.