Block port 22 for specific IPs
Is it possible/easy to block port 22 for specific IPs using the terminal or some application? Right now I have it open to the world and it's bothering me to see all the break-in attempts.
I need it so I can get to my systems from anywhere outside of my network.
I have not been able to successfully implement a VPN, so I am using Firestarter right now, and it will allow me to block port 22 altogether unless it's from a specific IP, but that is only good if I am in one specific place. Great for security but not very flexible.
IPTABLES, it's easy. http://www.netfilter.org/projects/iptables/index.html
Super easy solution:
Edit your /etc/ssh/sshd_config file
Change your ssh port to any non-standard port so it isn't detected by every port scanner that passes over your subnet
You will need to just add the -p flag when you log in to tell your client what arbitrary port you moved the server to. Pick something that no standard services run on, if possible
DISABLE ssh v1
Disable root login, or better yet restrict it to ONLY the user or users that you log in as. DEFINITELY DISABLE ROOT LOGIN
You should see your break-in attempts drop to next to nothing once port scanners start seeing a closed or stealth port 22.
Security by obscurity is stupid, but so is actively advertising that you have something to break into. By hiding your already secure service, you only make things better :)
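The checklist from the reply above (non-standard port, no SSH v1, no root login, only named users), as an added example that is not part of the original thread: a small Python audit of sshd_config text. The sample configs, port 2222, the user name alice and the function names are constructed for illustration, and directives inside Match blocks are not evaluated.

```python
import re

# Constructed sample: a config still open the way the question describes.
BEFORE = """\
Port 22
Protocol 2,1
PermitRootLogin yes
"""

# Constructed sample: after the changes listed in the reply ("alice" is made up).
AFTER = """\
Port 2222
Protocol 2
PermitRootLogin no
AllowUsers alice
"""

def parse_global(text):
    """Map each keyword (lower-cased) to its argument strings, in file order."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"(\S+?)[\s=]+(.*)", line)   # "Key value" or "Key=value"
        if not m:
            continue
        key = m.group(1).lower()                  # keywords are case-insensitive
        if key == "match":                        # simplification: stop at Match blocks
            break
        conf.setdefault(key, []).append(m.group(2).strip())
    return conf

def audit(text):
    """Return findings for the reply's checklist; an empty list means it passes."""
    conf = parse_global(text)
    findings = []
    if "22" in conf.get("port", ["22"]):          # sshd listens on 22 when Port is unset
        findings.append("port 22 still in use")
    # Assumption: an unset Protocol means v2 only, as on current OpenSSH.
    if "1" in conf.get("protocol", ["2"])[0].split(","):
        findings.append("SSH protocol 1 enabled")
    if conf.get("permitrootlogin", [""])[0].lower() != "no":  # first value wins
        findings.append("root login not set to 'no'")
    if "allowusers" not in conf:
        findings.append("no AllowUsers allow-list")
    return findings

if __name__ == "__main__":
    for name, sample in (("before", BEFORE), ("after", AFTER)):
        print(name, audit(sample) or "OK")
```

To check a real system, pass the contents of /etc/ssh/sshd_config to audit() and restart sshd only after the list comes back empty and a second session confirms you can still log in.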
Another easy way is to open your /etc/hosts.deny and add the below (if you don't have it, then create it)
Then open your /etc/hosts.allow and add
These are samples :)