sshd listening on 80

Xeratul · 05-27-2007, 04:46 AM

How to increase security with a SSHd listening to either port 80 or 8080 ? Is this listening to 80 Secured or Mad ?

Would sshd listening to 8080 guaranteing less troubles?

(fail2ban is a solution mb for the sshd to port 80)

Greetings

jschiwal · 05-27-2007, 04:57 AM

You could change it to a different high number port (> 1024). Ports 80 & 8080 are common and likely to be scanned.

edenCC · 05-27-2007, 05:49 AM

why not listen to an unknown port like 50891?
this will surely guarante less trouble if the port is not found by malices.

Xeratul · 05-27-2007, 06:29 AM

Quote:

Originally Posted by edenCC

why not listen to an unknown port like 50891?
this will surely guarante less trouble if the port is not found by malices.

the problem is that the concerned pc is behind a firewall and the only open ports are 80 or https 8080, so that the server listening has no other choices of 80 or 8080

is there any possibilities with No-ip from :
PC1_80 => no ip sthg => to sshd listening to 78988 of pc_2

Regards

mechdave · 05-27-2007, 06:37 AM

Port 80 is the http port and port 8080 is a web proxy port. I am not sure you can use these ports in a firewall as the firewall might see any other traffic except http or proxy traffic as a possible intrusion attempt and therefore drop all the packets.

Tinkster · 05-27-2007, 08:02 PM

Quote:

Originally Posted by Xeratul

the problem is that the concerned pc is behind a firewall and the only open ports are 80 or https 8080, so that the server listening has no other choices of 80 or 8080

is there any possibilities with No-ip from :
PC1_80 => no ip sthg => to sshd listening to 78988 of pc_2

Regards

There shouldn't be any problems with that ... browser pointing at
your public IP will barf, but that won't bother you much. Of course
you can (can you?) just tell the firewall to forward incoming
requests on 80 and/or 8080 to 22 ...

If this isn't the answer I didn't understand the question :}

Cheers,
Tink

Xeratul · 05-28-2007, 02:16 AM

Quote:

Originally Posted by Tinkster

There shouldn't be any problems with that ... browser pointing at
your public IP will barf, but that won't bother you much. Of course
you can (can you?) just tell the firewall to forward incoming
requests on 80 and/or 8080 to 22 ...

If this isn't the answer I didn't understand the question :}

Cheers,
Tink

I made this explanation:
I d rather have the Example 2 working for SSH ... somehow ...

[img=http://img503.imageshack.us/img503/5374/firewallbypassdy9.th.jpg]

http://img503.imageshack.us/img503/5...passdy9.th.jpg

http://img503.imageshack.us/my.php?i...lbypassdy9.jpg

Thnaks

Tinkster · 05-28-2007, 01:00 PM

Are you expecting to be able to use several ports via 80?
That ain't happening, I don't think.

Cheers,
Tink

Xeratul · 05-28-2007, 02:29 PM

Quote:

Originally Posted by Tinkster

Are you expecting to be able to use several ports via 80?
That ain't happening, I don't think.

Cheers,
Tink

I dont know if I understood well but via Proxy / or intermediate PC, that might be fine.
That s the way is doign skype traversal via 80
80 <=> 80

I dont know if I understood well.

Good Evening