SSH2

Burke, Thomas G. tg.burke at ngc.com
Wed Apr 6 20:58:37 UTC 2005


A lot of IPs that the (l)users come in on are dynamic, so I don't necessarily want to block a user from the web page, say (unless they're from APNIC)...  So, this dude's gonna log off at some point & someone else will get a lease with that IP.  By rerunning my firewall every night (which flushes the rules as the 1st thing it does), I clear it all out & it can start over.
 
To be fair, I think this has all been recently superseded by events, as I have moved the Linux box back from being the router, and have installed a LinkSys router between my internal network & the internet.  The Linux box now only serves, and does not ipMasq.  The LinkSys box handles that for me, handles ipMasq, and only forwards in the ports I chose (sendmail, ssh, http), so I'm not sure any of that stuff is worthwhile to me, anymore.
 
    -Tom

-----Original Message-----
From: redhat-list-bounces at redhat.com [mailto:redhat-list-bounces at redhat.com] On Behalf Of Chris W. Parker
Sent: Wednesday, April 06, 2005 3:08 PM
To: General Red Hat Linux discussion list
Subject: RE: SSH2



Burke, Thomas G. <tg.burke at ngc.com>
    on Wednesday, April 06, 2005 5:06 AM said:

> There's a tool called portsentry that works pretty well on some of 
> these things.  You can set up its sensitivity to certain events & it 
> will drop (l)users into hosts.deny and also much your ipchains to 
> drop anything from that source into your bit bucket, so it appears 
> that you just fell off the earth. 

That sounds nice. 

> Of course, the routes get reset on 
> power cycles & so forth (or in my case, I rerun my firewall script 
> every midnight to flush out all the rules & reload) 

What's the purpose of clearing the list of denied clients? Or did I 
misunderstand you? 



Chris. 
