I think SSH requires a response before it accepts a login attempt, but I'm not sure. Masquerading would be required for the outside IP to get the traffic back, yes.
Is that IP close to you (as in nothing is blocking it, they're on a different leg of the same upstream)? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Wed, Jul 25, 2012 at 11:18 AM, Ty Featherling <[email protected]>wrote: > I though, and Google verified, that port knocking is a means to be allowed > through a firewall by attempting connections to a specific sequence of > ports. How does that apply here? > > Public space shouldn't be able to reach private space without some form of > redirect or NAT, correct? > > -Ty > > On Wed, Jul 25, 2012 at 10:14 AM, Josh Luthman > <[email protected]>wrote: > > > Port knocking? > > > > Josh Luthman > > Office: 937-552-2340 > > Direct: 937-552-2343 > > 1100 Wayne St > > Suite 1337 > > Troy, OH 45373 > > > > > > On Wed, Jul 25, 2012 at 11:10 AM, Ty Featherling < > [email protected] > > >wrote: > > > > > Looking at one of my routerboards that has a private 10.0.4.x address > and > > > the logs show multiple attempts to connect via ftp and ssh from a > public > > > address 213.229.93.218. Not counting for the fact that your security > > should > > > block those attempts, how in the hell is a public address that is > > > off-network reaching a private address? NAT is not being used anywhere > on > > > my network. > > > > > > -Ty > > > -------------- next part -------------- > > > An HTML attachment was scrubbed... > > > URL: < > > > > > > http://www.butchevans.com/pipermail/mikrotik/attachments/20120725/5dd00907/attachment.html > > > > > > > _______________________________________________ > > > Mikrotik mailing list > > > [email protected] > > > http://www.butchevans.com/mailman/listinfo/mikrotik > > > > > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik > > > RouterOS > > > > > -------------- next part -------------- > > An HTML attachment was scrubbed... > > URL: < > > > http://www.butchevans.com/pipermail/mikrotik/attachments/20120725/5300ba0f/attachment.html > > > > > _______________________________________________ > > Mikrotik mailing list > > [email protected] > > http://www.butchevans.com/mailman/listinfo/mikrotik > > > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik > > RouterOS > > > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > http://www.butchevans.com/pipermail/mikrotik/attachments/20120725/3f130f0f/attachment.html > > > _______________________________________________ > Mikrotik mailing list > [email protected] > http://www.butchevans.com/mailman/listinfo/mikrotik > > Visit http://blog.butchevans.com/ for tutorials related to Mikrotik > RouterOS > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.butchevans.com/pipermail/mikrotik/attachments/20120725/a8c6812d/attachment.html> _______________________________________________ Mikrotik mailing list [email protected] http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
