[TriLUG] Denyhosts and Custom Regex

Kevin Kreamer kevin at kreamer.org
Thu Nov 13 01:08:19 EST 2008


James,

Why not run sshd on a high-numbered port?  While the access points in
question might limit ports like 22, they usually stop limiting at port 1024.
(Obviously, your mileage may vary).

Something like 8080 is traditional; something like 8763 is a bit more
obscure.

Kevin

On Fri, Nov 7, 2008 at 12:10, Jim Tuttle <jjtuttle at trilug.org> wrote:

> Hi Alan,
>
> The use case is that often I find myself behind wireless access points
> in public places that limit outgoing traffic to port 80.  That's the
> reason for running SSHD on port 80.  If I had access to other ports I'd
> just run SSHD on one of those less obvious ports.
>
> Thanks, though.  I had considered knockd for other applications.
>
> James
>
> Alan Porter wrote:
> >> The why isn't related to the how that I questioned the list about,
> >> but I'm game.  I want to lock it down to reduce the chance that I
> >> get nailed by campus IT.
> >
> > You might want to consider using "knockd" on that SSHD/80 port.  You
> > can set up your clients to use the knock client automatically in your
> > ~/.ssh/config files.
> >
> > It's surprisingly easy to set up.  It listens on a handful of ports
> > that you choose (UDP or TCP), and then it sets up some iptables rules
> > to open and close the SSHD port.  It's pretty sweet.
> >
> > That way, your campus IT will find nothing at all.
> >
> > Alan
> >
> >
>
>
> --
> --
> ---Jim Tuttle
> ------------------------------------------------------
> http://www.braggtown.com
> PGP Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x69B69B08
>
> --
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
> TriLUG FAQ  : http://www.trilug.org/wiki/Frequently_Asked_Questions
>


