» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

01-05-2010, 05:17 PM
Thomas Harold
IPTABLEs and port scanning

On 1/5/2010 11:49 AM, Benjamin Franz wrote:
> If your brute force protection is not catching the repeated login
> failures, you should check its configuration.

Or give up and move SSH to a non-standard port, at least from the
outside. (I got tired a few years ago of watching my log files fill up
with attack attempts.)
CentOS mailing list
01-05-2010, 06:56 PM
"James B. Byrne"
IPTABLEs and port scanning

On Tue, January 5, 2010 11:56, Ned Slider wrote:
> Those are the *source ports* from the attacking host, not the
> destination port on which you are running SSH. I /assume/ the number
> enclosed in '[]' to be the pid of the sshd instance associated with
> the connection attempt.
> Hope that helps.

I discovered a mal-configured rule in iptables respecting access to
the local sshd. As this is a gateway machine other connections to
port 22 on different ips have to pass through it. I had conflated
the separate requirements of local and network access into a single
rule which simply did not serve the multiple purposes I imagined it

Thank you to all who replied. I learned a few new things today.


*** E-Mail is NOT a SECURE channel ***
James B. Byrne mailto:ByrneJB@Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
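
The following is an added example, not part of the original thread: a small parser for sshd "Failed password" log lines that separates the sshd pid (the number in `[]`) from the attacker's source port, then groups failures by source IP the way a brute-force check would. The log lines are constructed samples in the usual OpenSSH syslog format, and the host name `gw`, the addresses and the threshold of 3 are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines in the usual OpenSSH syslog format (not from the thread).
SAMPLE_LOG = """\
Jan  5 10:12:01 gw sshd[4101]: Failed password for root from 203.0.113.7 port 51234 ssh2
Jan  5 10:12:04 gw sshd[4103]: Failed password for root from 203.0.113.7 port 51302 ssh2
Jan  5 10:12:07 gw sshd[4107]: Failed password for invalid user admin from 203.0.113.7 port 51388 ssh2
Jan  5 10:13:30 gw sshd[4120]: Accepted publickey for james from 198.51.100.20 port 40022 ssh2
Jan  5 10:14:02 gw sshd[4131]: Failed password for invalid user test from 192.0.2.55 port 33910 ssh2
"""

# "sshd[N]" is the pid of the sshd process; "port N" is the client's source port,
# not the port sshd listens on.
LINE_RE = re.compile(
    r"sshd\[(?P<pid>\d+)\]: Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src_ip>\S+) port (?P<src_port>\d+)"
)

def parse_failures(log_text):
    """Return one dict per failed login: sshd pid, user, source IP, source port."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m:
            events.append({"pid": int(m["pid"]), "user": m["user"],
                           "src_ip": m["src_ip"], "src_port": int(m["src_port"])})
    return events

def repeat_offenders(events, threshold=3):
    """Group failures by source IP; the source port changes on every attempt,
    so it cannot be used as the key for counting or blocking."""
    by_ip = defaultdict(list)
    for e in events:
        by_ip[e["src_ip"]].append(e["src_port"])
    return {ip: ports for ip, ports in by_ip.items() if len(ports) >= threshold}

if __name__ == "__main__":
    for ip, ports in repeat_offenders(parse_failures(SAMPLE_LOG)).items():
        print(f"{ip}: {len(ports)} failures, source ports {ports}")
```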

All times are GMT. The time now is 06:20 AM.
