> Hi Andrew, > > You are quite correct, I agree with you, its not really a good idea at all. > > End goal in this case was to secure ssh. > I only wanted to allow ssh in from the internet from static IPs I know(work) > and from my home(which was a dyndns address hence the problem). > > A better way would probably be to secure ssh better perhaps with ssh rate > limiting or something? > > I have changed all my rules to only use IPs now as that is better. > > Thanks for the feedback.
I haven't tried this personally, but you could also look into Port Knocking... http://www.shorewall.net/PortKnocking.html ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
