Page 1 of 1
Protect SSH using CSF
Posted: 25 Jun 2013, 04:25
by waddy
Hi,
Great product. We are experiencing attacks on our ssh port,we have changed the port but still continues.
Can you please explain how and what to enter to allow a subnet into ssh port and deny all others access to ssh port?
Very new to csf.
Thanks.
Re: Protect SSH using CSF
Posted: 25 Jun 2013, 15:44
by Sergio
First of all,
when you changed the SSH port did you deleted the old one on the iptables? did you added the new one? the attacks continued on the new one?
Sergio
Re: Protect SSH using CSF
Posted: 27 Jun 2013, 03:19
by waddy
Yes thats correct Sergio, our server is being hit hard, port scanned, brute force ssh and trying dns recursive exploit. For weeks.
I would like to know how to block all IP's from our ssh port, but allow a subnet or dyndns address that resolves.
Any help?
Re: Protect SSH using CSF
Posted: 27 Jun 2013, 04:59
by Sergio
Well, what you can do is to delete your SSH port from the TCP IN/OUT in CSF configuration and then add the IP block that you want to use the SSH port to your ALLOWED IPs file, read on the readme.txt how to add IPs to the white list using specific ports.
Sergio