Slightly OT: port-knocking etc. (was Re: ipkungfu logging not working )
Peter Garrett
peter.garrett at optusnet.com.au
Sun Jun 17 04:17:14 UTC 2007
On Sat, 16 Jun 2007 20:14:49 -0700
Noah <admin2 at enabled.com> wrote:
> what port knocking system are you using?
I use knockd and knock (both in the same package).
>
> Is ipkungfu rejected packets ending up in your /var/log/syslog file?
I actually don't use ipkungfu - I just wrote my own iptables script, which
is pretty basic but effective. Input policy is DROP, then I just add some
lines to allow things as required. Since not much is required, my script
is rather short :)
I don't get a lot of hits on the iptables because the machine is behind a
router - but I do see some hits in the log for the ports I have chosen for
port-knocking - this being a random event - and hits on my ssh port from
hopeful scanners (they have to be *very* hopeful since my sshd_config
etc. is pretty specific about who is allowed - namely almost no-one - and I
use key pairs).
I use port-knocking to access ssh from other locations (say on my laptop
from an internet cafe etc.). I can also use that to set up ssh tunnels for
vnc, or to access my music collection or website for editing. I use sshfs
as a secure file access method.
Peter