IP Banning - Security

This is a discussion on IP Banning - Security ; Yesterday I started working with iptables to secure one of my servers. While I am still tweaking that, there is something else I need to look at. I have people logging into this server from all over the world and ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: IP Banning

  1. IP Banning

    Yesterday I started working with iptables to secure one of my servers.
    While I am still tweaking that, there is something else I need to look
    at. I have people logging into this server from all over the world and
    therefore it is not easy for me to lock down the SSH port. My initial
    thought is to leave it wide open, but that leaves the server rather
    vulnerable. My second thought was to create a policy for each of the
    users and their current ip/ip block. This seems rather tedious as many
    user's ip addresses change regularly. So my question is this...

    Is there an easy way to simply list accepted or not-accepted IPs in a
    file and have the firewall do lookups through that?

    Thanks,
    Jason


  2. Re: IP Banning

    "Jason Williard" wrote in message
    news:1133546673.910672.238500@g47g2000cwa.googlegr oups.com

    > Is there an easy way to simply list accepted or not-accepted IPs in a
    > file and have the firewall do lookups through that?


    If your sshd is compiled with tcpwrappers support, then that's what
    /etc/hosts.allow and /etc/hosts.deny are for.


  3. Re: IP Banning

    Don't I feel stupid. Thanks for pointing out what I should have
    already thought of

    Thanks,
    Jason


+ Reply to Thread