Securing sshd against unwanted login attempts

From: Flemming Frøkjær (none@flemmingf--gmail.com.lh.bsd-dk.dk)
Date: Sun 31 Oct 2004 - 10:58:02 CET
To: bsd-dk@bsd-dk.dk

In the last week we have had several posts regarding protecting sshd
from unwanted login attempts. I did find an interesting solution a
couple of months ago.
The solution is called port knocking. It's really simple. You simply
block the port sshd is listening on.
That effectively gets rid of all unwanted (and wanted) login attempts.
To let you log in, you configure your firewall to block and log a
range of ports. A small daemon is configured to monitor the firewall
log files, and when the right combination of connection attempts is
observed on those ports, a new firewall rule is added that will open
for only your IP address to reach the ssh daemon.

Take a look at www.portknocking.org
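
The log-watching step described in the message above, sketched as an added example (not part of the original post and not code from any port-knocking project). It tracks each source address through a knock sequence and reports the addresses a firewall rule should then be opened for. The log line format, the port sequence, the time window and the function name are all constructed for illustration.

```python
import re
from datetime import datetime, timedelta

KNOCK_SEQUENCE = (7000, 8000, 9000)  # assumed secret sequence of blocked ports
WINDOW = timedelta(seconds=10)       # assumed time limit for the whole sequence

# Constructed log format: "<ISO time> BLOCK src=<ip> dport=<port>"
LINE_RE = re.compile(r"^(\S+) BLOCK src=(\d{1,3}(?:\.\d{1,3}){3}) dport=(\d+)$")

SAMPLE_LOG = """\
2004-10-31T10:00:00 BLOCK src=192.0.2.10 dport=7000
2004-10-31T10:00:01 BLOCK src=198.51.100.7 dport=7000
2004-10-31T10:00:01 BLOCK src=192.0.2.10 dport=8000
2004-10-31T10:00:02 BLOCK src=198.51.100.7 dport=7001
2004-10-31T10:00:02 BLOCK src=192.0.2.10 dport=9000
2004-10-31T10:00:03 BLOCK src=198.51.100.7 dport=8000
2004-10-31T10:00:05 BLOCK src=203.0.113.5 dport=7000
2004-10-31T10:00:06 BLOCK src=203.0.113.5 dport=8000
2004-10-31T10:00:30 BLOCK src=203.0.113.5 dport=9000
""".splitlines()  # constructed sample: one valid knock, one wrong port, one too slow

def find_knockers(lines, sequence=KNOCK_SEQUENCE, window=WINDOW):
    """Return source IPs, in order, that completed the sequence in time."""
    progress = {}  # ip -> (index of next expected port, time of first knock)
    allowed = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip anything that is not a blocked-connection record
        when = datetime.fromisoformat(m.group(1))
        ip, port = m.group(2), int(m.group(3))
        idx, start = progress.get(ip, (0, when))
        if idx and when - start > window:
            idx, start = 0, when          # too slow: progress is discarded
        if port == sequence[idx]:
            idx += 1
        elif port == sequence[0]:
            idx, start = 1, when          # wrong port that begins a new attempt
        else:
            idx = 0                       # wrong port: a plain port scan never matches
        if 0 < idx < len(sequence):
            progress[ip] = (idx, start)
        else:
            progress.pop(ip, None)
            if idx == len(sequence) and ip not in allowed:
                allowed.append(ip)        # caller adds the firewall rule for this IP
    return allowed

if __name__ == "__main__":
    print(find_knockers(SAMPLE_LOG))
```

Only the address that hit all three ports in order and within the window is returned; the one that touched a wrong port and the one that took too long are both reset.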


