start portsentry on the box, and tell it to cover the ssh port.. and then add all the ip's you would use to the portsentry.ignore file.
Then anyone scanning your ssh port would be blocked by ipchains/iptables, except you, so you can connect to your hearts content without worrying about getting rooted. incidently, does anyone know how to creat a iptables rule based on allowing access to a domain name? (ie not an IP address) I have a dynamic IP and I use dyndns to have a domain name what will always resolve back to what my new IP is.. I want to set things up so that I can use that domain to access all my servers that are closed to everyone else.. So I need to know if essentially a domain name can be used in place of an IP in an iptables rule? and I need to know if iptables will check for the IP when its run, or if it checks when the rule is tested. in other words, if it does accept a domain as an arguement, and it just looks that domain up and replaces it with the IP, then I have a problem as the firewall would need to be restarted to get the new IP, if I disconnect and reconnect.. in which case I am screwed because I'd need ssh access to restart the firewall.. any ideas people? rgds Frank -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Charlie Bebber Sent: Thursday, 17 January 2002 9:13 AM To: [EMAIL PROTECTED] Subject: Re: [expert] SSH message not to panic Mike Leone said: > Meanwhile, that IP belongs to www.picantecorp.com. "A Leader in Email > Enhancement Products and Services". > > Why would they want to SSH scan you? You work for them? Are a customer? > Collect the same baseball cards as the webmaster? What? Yeah, I looked that info up too and I just can't figure out why someone in College Station, Texas would SSH scan me (especially from their web server which is to what that IP maps). > I'd semi-politely mention to them, to DON'T BE DOING THAT TO ME, > please. > > Of course, they may not even know that they're doing it. Yeah, I think I'll do that. Just thought it was interesting. -Charlie -- GPG Key fingerprint = 4F36 EC4F 2F2C 5F59 9690 09E5 4C0F 9DB0 8623 53CE
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
