iptables +block country

jordon at envygeeks.com jordon at envygeeks.com
Tue Aug 17 15:29:52 UTC 2010


> NoOp, you should consider port knocking for access you your machine.
> I've not used it so I don't have further details. Basically until
> you 'knock' on certain port, in a certain order the port you wish
> to access remains closed. One of my other preferences is to use
> SSH tunnels. I can then access anything on my home system from
> the machine I'm on. This allows me to only open up SSH but still
> have full access. Finally I moved the SSH access to another port
> for better signal to noise ratio.

Port knocking is just security by obscurity in my book, and it can unless
you were smart enough to monitor for scans a simple scan can possibly
unlock that port unless you design the knock a specific way.

Perhaps try: http://www.debian-administration.org/articles/518

Personally, I prefer to use Limit to limit connections so they can't
bruteforce (not that they can since) I also require a key to login and
don't let people know their passwords and don't allow password based login
(only key based as implied).  Fail2ban is also good for banning people, it
will ban them from everything using multi-port but there are some quirks
on Debian based distros (not any that made it worthless but mainly it can
only poll reliably).






More information about the ubuntu-users mailing list