[CentOS] IPTABLEs and port scanning

James B. Byrne byrnejb at harte-lyne.ca
Tue Jan 5 19:56:40 UTC 2010

On Tue, January 5, 2010 11:56, Ned Slider wrote:
> Those are the *source ports* from the attacking host, not the
> destination port on which you are running SSH. I /assume/ the number
> enclosed in '[]' to be the pid of the sshd instance associated with
> the
> connection attempt.
> Hope that helps.

I discovered a mal-configured rule in iptables respecting access to
the local sshd.  As this is a gateway machine other connections to
port 22 on different ips have to pass through it. I had conflated
the separate requirements of local and network access into a single
rule which simply did not serve the multiple purposes I imagined it

Thank you to all who replied.  I learned a few new things today.


***          E-Mail is NOT a SECURE channel          ***
James B. Byrne                mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3

More information about the CentOS mailing list