[CentOS] [SOLVED] iptables rule question for Centos 5
Keith Roberts
keith at karsites.net
Sat Aug 4 06:43:16 UTC 2012
On Fri, 3 Aug 2012, SilverTip257 wrote:
> To: CentOS mailing list <centos at centos.org>
> From: SilverTip257 <silvertip257 at gmail.com>
> Subject: Re: [CentOS] [SOLVED] iptables rule question for Centos 5
>
> Marvin,
>
> You're leaving SSH open to the world with that.
> If this is a box behind a firewall, then it's not _as much of a
> concern_ ... otherwise you're opening that server up to ssh brute
> force attempts.
>
> Your existing configuration is probably set up to drop/reject if
> traffic does not match any of your rules, so you've nearly solved the
> "blocking all other traffic" from server2. But you really should put
> a specific rule on server1 with source as server2 and dest port 22
> being accepted.
>
> -s server2 -p tcp --dport 22 -j ACCEPT

Or move the SSH port to a non-standard one?

Keith
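
A way to check a ruleset for the problem discussed in this thread, as an added example that is not part of the original messages: the hypothetical helper `audit_ssh_rules` scans `iptables-save` output for rules that ACCEPT the SSH port without a `-s` source restriction. The sample ruleset is constructed, and 192.0.2.10 is an assumed stand-in for server2.

```shell
#!/bin/sh
# Added example (not from the thread): flag SSH ACCEPT rules with no source.
# Limitation: only single-port --dport matches are examined (no multiport
# lists or port ranges).

# Reads iptables-save text on stdin; $1 is the SSH port (default 22).
# Prints each rule that ACCEPTs that TCP port from any source and
# returns 1 if at least one such rule exists, 0 otherwise.
audit_ssh_rules() {
    awk -v port="${1:-22}" '
    $1 != "-A" { next }                       # skip table/chain/COMMIT lines
    {
        src = ""; dport = ""; target = ""; proto = ""
        for (i = 2; i < NF; i++) {
            if ($i == "-s" || $i == "--source") src = $(i + 1)
            else if ($i == "-p" || $i == "--protocol") proto = $(i + 1)
            else if ($i == "--dport" || $i == "--destination-port") dport = $(i + 1)
            else if ($i == "-j" || $i == "--jump") target = $(i + 1)
        }
        if (target != "ACCEPT" || proto != "tcp" || dport != port) next
        if (src == "" || src == "0.0.0.0/0") {  # no source restriction
            print "OPEN: " $0
            n_open++
        }
    }
    END { exit (n_open > 0) ? 1 : 0 }
    '
}

# Constructed sample in CentOS 5 style; 192.0.2.10 stands in for server2.
SAMPLE_RULES='*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -s 192.0.2.10 -p tcp -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT'

printf '%s\n' "$SAMPLE_RULES" | audit_ssh_rules ||
    echo "SSH is accepted from any source; restrict it with -s"
```

On a live host the same function can be fed with `iptables-save | audit_ssh_rules`, passing the port number as the first argument if SSH has been moved off 22.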