Restrict PORT to connect to original client only

2016-06-20 Thread Simon Kelly
Hi, I'm looking at securing our embedded ftp server from port bounce attacks (CA-1997-27) and following the advice at https://www.cert.org/historical/advisories/CA-1997-27.cfm? I have removed the anonymous user, but I want to configure the server to only allow the PORT command to connect back

Re: Partial Disabling of port 22 using apache-mina SSHD

2016-06-20 Thread garima jain
Thanks. Will use that. -Garima Jain On Jun 20, 2016 10:31 PM, "Ashish" wrote: > On Mon, Jun 20, 2016 at 9:43 AM, garima jain > wrote: > > Can we use black list/whitelist feature? > > This is what you should use. > > > > > -Garima Jain > > On

Re: Partial Disabling of port 22 using apache-mina SSHD

2016-06-20 Thread Ashish
On Mon, Jun 20, 2016 at 9:43 AM, garima jain wrote: > Can we use black list/whitelist feature? This is what you should use. > > -Garima Jain > On Jun 20, 2016 10:12 PM, "elijah baley" wrote: > >> There are many options - depending on the actual

RE: Partial Disabling of port 22 using apache-mina SSHD

2016-06-20 Thread garima jain
Can we use black list/whitelist feature? -Garima Jain On Jun 20, 2016 10:12 PM, "elijah baley" wrote: > There are many options - depending on the actual setup: > - You can move SSHD to a non-standard port on all interfaces - easy to do > when setting up the server - just

RE: Partial Disabling of port 22 using apache-mina SSHD

2016-06-20 Thread elijah baley
There are many options - depending on the actual setup: - You can move SSHD to a non-standard port on all interfaces - easy to do when setting up the server - just call "setPort" on the SshServer instance - You can bind SSHD to a specific interface (e.g., 127.0.0.1) on port 22 and bind SFTP to

Re: Partial Disabling of port 22 using apache-mina SSHD

2016-06-20 Thread garima jain
Hi elijah, The requirement is to block port 22 for SSH and accept SFTP connections on Port 22. Is there a class/method that can help us achieve the aim? -Garima Jain. On Fri, Jun 17, 2016 at 3:27 PM, elijah baley wrote: > Is there some reason your code cannot examine the