Re: [AFMUG] secure imagestreams to our office IP space
I turned off telnet, and have a 5 failed attempt lock in the firewall, but other than when Im at home I dont ssh into these things anymore so configuring it to only allow ssh from our subnets is fine. I winscp to it if Im making a major change or ssh if its small. On Fri, Feb 20, 2015 at 11:33 AM, Josh Luthman j...@imaginenetworksllc.com wrote: Can you block SSH to them from outside your network and use a VPN? Or SSH gateway? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Fri, Feb 20, 2015 at 12:29 PM, That One Guy thatoneguyst...@gmail.com wrote: I need to lock down our imagestreams to our network only, primarily because its irritating when Im configuring to have the connection attempts displace the text. The caveat is I would like to be able to access from my laptop from anywhere -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925
Re: [AFMUG] secure imagestreams to our office IP space
Can you block SSH to them from outside your network and use a VPN? Or SSH gateway? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Fri, Feb 20, 2015 at 12:29 PM, That One Guy thatoneguyst...@gmail.com wrote: I need to lock down our imagestreams to our network only, primarily because its irritating when Im configuring to have the connection attempts displace the text. The caveat is I would like to be able to access from my laptop from anywhere -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925
Re: [AFMUG] secure imagestreams to our office IP space
should have been more clear, other than showing up in traceroutes, whats the best way to make it not respond to anything but our IP space? On Fri, Feb 20, 2015 at 11:40 AM, That One Guy thatoneguyst...@gmail.com wrote: I turned off telnet, and have a 5 failed attempt lock in the firewall, but other than when Im at home I dont ssh into these things anymore so configuring it to only allow ssh from our subnets is fine. I winscp to it if Im making a major change or ssh if its small. On Fri, Feb 20, 2015 at 11:33 AM, Josh Luthman j...@imaginenetworksllc.com wrote: Can you block SSH to them from outside your network and use a VPN? Or SSH gateway? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Fri, Feb 20, 2015 at 12:29 PM, That One Guy thatoneguyst...@gmail.com wrote: I need to lock down our imagestreams to our network only, primarily because its irritating when Im configuring to have the connection attempts displace the text. The caveat is I would like to be able to access from my laptop from anywhere -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925
Re: [AFMUG] secure imagestreams to our office IP space
Firewall of course. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Fri, Feb 20, 2015 at 1:48 PM, That One Guy thatoneguyst...@gmail.com wrote: should have been more clear, other than showing up in traceroutes, whats the best way to make it not respond to anything but our IP space? On Fri, Feb 20, 2015 at 11:40 AM, That One Guy thatoneguyst...@gmail.com wrote: I turned off telnet, and have a 5 failed attempt lock in the firewall, but other than when Im at home I dont ssh into these things anymore so configuring it to only allow ssh from our subnets is fine. I winscp to it if Im making a major change or ssh if its small. On Fri, Feb 20, 2015 at 11:33 AM, Josh Luthman j...@imaginenetworksllc.com wrote: Can you block SSH to them from outside your network and use a VPN? Or SSH gateway? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Fri, Feb 20, 2015 at 12:29 PM, That One Guy thatoneguyst...@gmail.com wrote: I need to lock down our imagestreams to our network only, primarily because its irritating when Im configuring to have the connection attempts displace the text. The caveat is I would like to be able to access from my laptop from anywhere -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925
Re: [AFMUG] secure imagestreams to our office IP space
Ues iptables built into the router. I used imagestream for years. If you need a couple I have a Rebel and a Gateway with 5Port Gige card and I also have T1 and ds3 cards for them Hit me off list with a price and Ill send em your way. Thanks Dave On 02/20/2015 12:48 PM, That One Guy wrote: should have been more clear, other than showing up in traceroutes, whats the best way to make it not respond to anything but our IP space? On Fri, Feb 20, 2015 at 11:40 AM, That One Guy thatoneguyst...@gmail.com mailto:thatoneguyst...@gmail.com wrote: I turned off telnet, and have a 5 failed attempt lock in the firewall, but other than when Im at home I dont ssh into these things anymore so configuring it to only allow ssh from our subnets is fine. I winscp to it if Im making a major change or ssh if its small. On Fri, Feb 20, 2015 at 11:33 AM, Josh Luthman j...@imaginenetworksllc.com mailto:j...@imaginenetworksllc.com wrote: Can you block SSH to them from outside your network and use a VPN? Or SSH gateway? Josh Luthman Office: 937-552-2340 tel:937-552-2340 Direct: 937-552-2343 tel:937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Fri, Feb 20, 2015 at 12:29 PM, That One Guy thatoneguyst...@gmail.com mailto:thatoneguyst...@gmail.com wrote: I need to lock down our imagestreams to our network only, primarily because its irritating when Im configuring to have the connection attempts displace the text. The caveat is I would like to be able to access from my laptop from anywhere -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925
Re: [AFMUG] secure imagestreams to our office IP space
try this iptables -I INPUT -s My.ip.net.work -j accept --comment Allow my network iptables -I INPUT -j drop --comment But drop everything else On 02/20/2015 12:48 PM, That One Guy wrote: should have been more clear, other than showing up in traceroutes, whats the best way to make it not respond to anything but our IP space? On Fri, Feb 20, 2015 at 11:40 AM, That One Guy thatoneguyst...@gmail.com mailto:thatoneguyst...@gmail.com wrote: I turned off telnet, and have a 5 failed attempt lock in the firewall, but other than when Im at home I dont ssh into these things anymore so configuring it to only allow ssh from our subnets is fine. I winscp to it if Im making a major change or ssh if its small. On Fri, Feb 20, 2015 at 11:33 AM, Josh Luthman j...@imaginenetworksllc.com mailto:j...@imaginenetworksllc.com wrote: Can you block SSH to them from outside your network and use a VPN? Or SSH gateway? Josh Luthman Office: 937-552-2340 tel:937-552-2340 Direct: 937-552-2343 tel:937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Fri, Feb 20, 2015 at 12:29 PM, That One Guy thatoneguyst...@gmail.com mailto:thatoneguyst...@gmail.com wrote: I need to lock down our imagestreams to our network only, primarily because its irritating when Im configuring to have the connection attempts displace the text. The caveat is I would like to be able to access from my laptop from anywhere -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925
Re: [AFMUG] secure imagestreams to our office IP space
I believe Josh Snyder still offers email support. j...@imagestream.com Jeff Broadwick ConVergence Technologies, Inc. 312-205-2519 Office 574-220-7826 Cell jbroadw...@converge-tech.com On Feb 20, 2015, at 2:00 PM, Josh Luthman j...@imaginenetworksllc.com wrote: Firewall of course. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Fri, Feb 20, 2015 at 1:48 PM, That One Guy thatoneguyst...@gmail.com wrote: should have been more clear, other than showing up in traceroutes, whats the best way to make it not respond to anything but our IP space? On Fri, Feb 20, 2015 at 11:40 AM, That One Guy thatoneguyst...@gmail.com wrote: I turned off telnet, and have a 5 failed attempt lock in the firewall, but other than when Im at home I dont ssh into these things anymore so configuring it to only allow ssh from our subnets is fine. I winscp to it if Im making a major change or ssh if its small. On Fri, Feb 20, 2015 at 11:33 AM, Josh Luthman j...@imaginenetworksllc.com wrote: Can you block SSH to them from outside your network and use a VPN? Or SSH gateway? Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Fri, Feb 20, 2015 at 12:29 PM, That One Guy thatoneguyst...@gmail.com wrote: I need to lock down our imagestreams to our network only, primarily because its irritating when Im configuring to have the connection attempts displace the text. The caveat is I would like to be able to access from my laptop from anywhere -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925 -- All parts should go together without forcing. You must remember that the parts you are reassembling were disassembled by you. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer. -- IBM maintenance manual, 1925
