IPTables - Block Internet Access To SSH (22) Except Verified IPs
Jul 1, 2007
I recently looked at my secure and messages logs and have been getting a lot of failed SSH root login attempts. So I thought I better do something about it.
Ideally I want to allow SSH login from just 3 remote public IPs, and block all others from even trying.
How would you go about implementing this?
I have tried using IPTables, but I think I'm getting the rule wrong somewhere.
Here is what I have:
Code:
## Access to SSH from Pre-approved IP Addresses ONLY ##
iptables -I INPUT 1 -p tcp --dport 22 -s 123.123.123.123 -j ACCEPT
iptables -I INPUT 2 -p tcp --dport 22 -s 123.123.123.124 -j ACCEPT
iptables -I INPUT 3 -p tcp --dport 22 -s 123.123.123.125 -j ACCEPT
iptables -I INPUT 4 -p tcp --dport 22 -s 0.0.0.0 -j DROP
However, this still lets me log in from IPs not in the list above?
View 8 Replies
Apr 13, 2009
For some reason, I want to block port 25 temporarily while editing the exim config and open it back up using the iptables -F command.
Can anyone let me know the command to block port 25 using the iptables command?
View 14 Replies
Jul 15, 2009
I'm trying to figure out an iptables rule to block certain IPs for a limited duration, after which the block rule will be removed.
Hits to the iptables filter while the IP is blocked should not renew the timer.
I got as far as:
iptables -A INPUT -m recent --name blacklist --rcheck --seconds 10 -j REJECT
iptables -A INPUT -m recent --name blacklist --remove
But how do I blacklist an IP now? (This needs to be done via an external app and not via iptables matches/hitcounts.)
iptables -A INPUT -s xxx.xxx.xxx.xxx -m recent --name blacklist --set
would renew the blacklist every time that IP sends a packet, no matter if it is blocked or not. Also, that rule would remain in iptables even when expired.
View 5 Replies
Apr 25, 2008
I use
iptables -I INPUT -s 60.216.238.212 -j DROP
to block an IP, but it is not working.
After issuing
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
I can still see
87 218.86.252.158
163 219.150.191.62
301 60.216.238.212
60.216.238.212 still has 301 connections. Any idea?
Basically, I use ddos-deflate to block DDoS attacks.
I already set the max connections to 25.
But it seems not to be working.
All the connections over 25 have not been blocked.
Did I miss something?
I mean after I issue
iptables -I INPUT -s 60.216.238.212 -j DROP
Do I need to do something like refresh iptables?
View 0 Replies
Jun 20, 2007
What is the command I need to issue to block an IP address from my server? I need to block both inbound and outbound access.
I need the rule to append to existing rules so if the server is rebooted the rule will still be in effect.
View 9 Replies
Oct 12, 2009
I'm part of a development team and I can't find a way to test the site URL while defining a website in DW when it asks what your site URL is. What the other guys are entering is my IP and folder name, like [url]. Is this the right way?
View 7 Replies
Jan 16, 2007
I have a local webcam that I want to access it over the internet. I have a static IP from SBC (my internet service).
I connected the internet line directly to my router/modem/switch (all in one), my computer (192.168.1.100) to a port on the router/modem/switch, and my webcam (192.168.1.101) to another port on the router/modem/switch. I am able to access and view my webcam locally [url] from my home pc.
Now I want my friends to access and view my webcam over the internet. How do I configure it so I can access the webcam from [url]?
View 3 Replies
Oct 16, 2009
Does anyone have any advice on choosing a free remote desktop which runs on Mac OS X to access my VPS via the internet, which I recently acquired?
View 7 Replies
Jun 19, 2007
I am interested if anybody knows who provides mobile satellite internet access. I would like to access the internet from anywhere in the world. What are the costs? Do they have different speed plans?
View 1 Replies
Feb 29, 2012
I have XAMPP server which works fine. When I wanted to load webpages through my lan network it said I need to edit httpd-xampp.conf. When I try to load from internet there is no connection at all. I changed httpd-xampp.conf from this
Code :
<LocationMatch "^/(?i:(?:xampp|security|licenses|phpmyadmin|webalizer|server-status|server-info))">
Order deny,allow
Deny from all
Allow from 127.0.0.0/8
ErrorDocument 403 /error/HTTP_XAMPP_FORBIDDEN.html.var
</LocationMatch>
View 3 Replies
Oct 28, 2012
I recently installed Apache/2.0.64 (win32) on my Windows 7 machine and am having a problem with external access. The installation appears to be good as it shows all services running and I can access a basic index.html file through 127.0.0.1.
I have ruled out any router or firewall issues and am fairly sure the problem is with the httpd config. But the only changes I've made are to the NameServer and Listen directives, so I'm lost for an answer to the problem.
The NameServer is set to my actual IP address while the Listen one is set to my server's internal IP address, but I have tried switching them around with no success.
The other thing I don't know is if I need to have SQL and myPHP installed just to check basic functionality.
View 1 Replies
May 7, 2009
My question:
I have a server with CentOS and WHM cPanel. Over the last few days I have read in the SSH log files (security) many failed logins from many IP addresses.
I read some about iptables, and every time I read an IP in the log I block this IP with iptables, but this seems a bad and boring experience every day.
So does anyone know the exact command for iptables to have access to my SSH ONLY from my IP address?
My IP address is static and I want only that IP to have access to the server and no one else from a different IP.
View 6 Replies
Jan 14, 2009
I'm working with a non-profit and we're looking for an inexpensive hosting but we also need to be able to access MYSQL (port 3306) through the internet.
We use Crystal Reports and need to get to the database directly for reports.
View 12 Replies
Jan 10, 2008
This might win me the "stupidest idea 2008" award but I was wondering..
I have an active ADSL line at home but I don't have an active account at an ISP.. Could I somehow get Internet access through my VPS (for a week or so, till my new ISP activates my account)?
View 6 Replies
Oct 16, 2009
There is a domain (domain.fm). This domain receives constant DDoS attacks, and the webmaster of domain.fm has pointed the domain to my server, so the DDoS attack has been redirected to me.
Is it possible to block this domain?
I noticed that the webmaster of domain.fm only points the domain to my server when attacked.
Yesterday my Apache was down for several hours.
I would like to block access to my servers from the domain domain.fm.
View 6 Replies
Mar 13, 2015
I want to run an HTML webpage that accesses an MP3 resource that's also on my website. However, I only want the webpage to have access to the file and block access from those attempting to access the file directly. That leaves me with two options:
1. Block access through the Apache configuration so that only my Webserver can access the resource, or
2. Hide the URL in the code.
How can I go about doing this?
View 1 Replies
Jun 2, 2008
Is it possible to block external access to cPanel through port 2082?
View 7 Replies
Oct 21, 2014
I've seen a number of exploit attempts on the default website which I believe have come via direct access by IP address, i.e. http://xxx.xxx.xxx.xxx. I have tried to block with .htaccess but it seems to be being ignored (possibly by Parallels or nginx configuration). How can I block access to the default site to all but 127.0.0.1, the server's external IP and my IP?
View 19 Replies
Apr 15, 2013
I downloaded the zip file httpd-2.4.4-win32.zip and ran winmd.exe. I checked the checksum value against those in the file online and they did not match.
View 2 Replies
Jan 5, 2008
I execute the following commands, in the following order:
iptables --flush
iptables --zero
iptables -A INPUT -s 218.65.12.161 -j DROP
Will that last command successfully ban that IP until reboot?
If not, what needs to be done? I can't access my site if I don't flush + zero iptables first but I need to be able to ban with iptables.
View 2 Replies
Jan 14, 2007
I've had a VPS for a couple of days, (Linux, cPanel), but however I try to set up email on the one account so far put on the server, all I get in response to sending test emails to it is
Quote:
550 "The Recipient Cannot Be Verified".
My host can send emails to the address and I receive them.
My host tells me that I need to switch off "Sender Verify" on the server relaying to the VPS, but surely that is not a good idea as it will reduce the spam protection that this feature provides?
What could cause this to happen?
I have not experienced this problem on any of my other servers.
View 5 Replies
Aug 28, 2012
How can I allow only one IP or a list of IP addresses to access port 8443? I need to limit access to this port to a few IP addresses and not everyone.
View 6 Replies
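For the per-port allowlist questions above (SSH on 22 in the first post and the May 7, 2009 post, port 8443 here), an added example that is not taken from any of the threads: a POSIX shell function that prints, without applying, the iptables commands for a single-port IPv4 allowlist. The chain name `ALLOW_TCP_<port>` is a hypothetical choice. The catch-all DROP carries no `-s` at all, because a bare `-s 0.0.0.0` (as in the first post) is read as the single host 0.0.0.0/32, while "any source" is 0.0.0.0/0.

```shell
#!/bin/sh
# Added example: print (do not apply) iptables commands that allow one TCP
# port from listed IPv4 addresses only. Review the output, then run as root.

# valid_ipv4 ADDR -> status 0 if ADDR is a dotted-quad IPv4 address.
# Body runs in a subshell so the IFS change cannot leak to the caller.
valid_ipv4() (
    case $1 in ''|*[!0-9.]*|*..*|.*|*.) exit 1 ;; esac
    IFS=.
    set -- $1                      # split the address on dots
    [ $# -eq 4 ] || exit 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || exit 1
    done
)

# allowlist_rules PORT ADDR... -> prints the rules, or status 2 and no output
# if the port is invalid, the list is empty, or any address is malformed.
allowlist_rules() (
    port=$1
    case $port in ''|*[!0-9]*) exit 2 ;; esac
    [ ${#port} -le 5 ] && [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || exit 2
    shift
    [ $# -gt 0 ] || exit 2         # an empty list would lock everyone out
    for ip in "$@"; do valid_ipv4 "$ip" || exit 2; done

    chain="ALLOW_TCP_$port"        # hypothetical chain name
    echo "iptables -N $chain"
    for ip in "$@"; do
        echo "iptables -A $chain -s $ip/32 -j ACCEPT"
    done
    # Catch-all: omit -s (equivalent to -s 0.0.0.0/0). "-s 0.0.0.0" alone
    # would be a /32 host match and would never match a real client.
    echo "iptables -A $chain -j DROP"
    # Hook the finished chain into INPUT last, so the port is never
    # filtered by a half-built chain.
    echo "iptables -I INPUT 1 -p tcp --dport $port -j $chain"
)

# Constructed sample input, using the placeholder addresses from the first post.
allowlist_rules 22 123.123.123.123 123.123.123.124 123.123.123.125
```

The generated rules cover IPv4 only; a host that is also reachable over IPv6 needs the equivalent ip6tables rules.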
Feb 20, 2008
I found a great little app called ID Shutdown Manager which basically lets you do stuff like wake on LAN, Shutdown, Log Off etc.
The App also has a cgi script which you can call from a web server so you get a web interface to the program.
This is exactly my reason for getting the app as I just wanted to host a web page where I could login from the internet and wake on lan my media PC.
Ok so...
The app gives you all the iis or apache setup instructions and tells you to place the cgi script which is actually a .exe into the scripts folder and then enable basic authentication for it.
Done.
So if I navigate to <SERVER>/scripts/sdmancgi.exe it's supposed to give me a user / pass prompt and then when login is successful I see the app and can wake on LAN etc.
OK, I have got this to work.
On the actual machine where the server is running I can access it in IE7 by localhost etc. and it works.
However, when I try to access it from another PC in my LAN by typing <SERVER>/scripts/sdmancgi.exe I get a nice little message saying the content cannot be displayed, you may be required to install a program or something to display it.
If I try to access the page from firefox on same remote PC, it works!
I can also access page from outside my LAN, it works on my N95 browser.
Also I have had friends try it from firefox from the Internet and they say it works as well.
Forgot to mention I am running on port 8081 as I already have other servers running on 8080 and 80 (one is my router and the other server installed itself from setup.exe and I don't know what server it's using).
I have also tried the latest Apache server as well as some other free one. Both have the same effect: OK in Firefox, not in IE.
One would think it's a problem with the CGI file not being compatible with IE7; however, I even tried to go to the default page setup in IIS <SERVER>:8081 and I get the same message. So at this point the server hasn't even tried to access CGI or prompt for Basic Authentication.
I tried googling without much luck. I read something about CSS, and when I view the source of the failed web page from IE7 it mentions something about CSS, so I don't know if this is it?
View 4 Replies
Aug 4, 2006
I am experiencing a strange problem with iptables: after I activate them, they are gone in a few minutes. For example, I drop traffic from an IP and after a few seconds, all rules are flushed without touching anything!
View 2 Replies
Jan 20, 2008
I need to block about 5000 IPs. Is it possible to add this amount of IPs to iptables?
I mean, will this slow down the machine response?
View 7 Replies
May 24, 2007
What do you prefer or what do you think is better, iptables or apf for a firewall?
View 9 Replies
Apr 13, 2009
I installed csf on CentOS,
my server is working but the network is unreachable.
I tried to run "service iptables stop",
and the server is unreachable now.
I checked from WHM, and it shows csf is working,
but I SSH to the server and type "service iptables status",
and it shows "firewall is stopped".
Is it correct?
If not, how can I fix the issue?
View 11 Replies
Apr 10, 2009
Is there a way for me to whitelist myself or something?
I get up everyday and have to call LSN because my server has blocked me for some reason...
View 10 Replies