I am running Red Hat Linux version 9 and am seeking a way to block
access to port 22 for anyone outside of North America (since I'm the
only person who should be able to reach port 22, and I travel, but not
outside the country). I would like help with setting up iptables to do
this, if it is indeed possible. If that is not possible, I'd like a
script to set up iptables to block access to port 22 from anywhere
other than a verizon.net IP address (unfortunately these change DAILY
and even the first three numbers can change!).

Clarification of Question by davert2-ga on 05 Apr 2005 10:33 PDT
(Oops, added this as a comment earlier. Meant to do a clarification.
Sorry for the duplicate.)
Along with everyone else, I get a huge number of dictionary attacks. I
guess I'd settle for knowing the rules to block/allow given top-level
domains, e.g. 68.12.x.x ... especially if ranges can be
blocked/entered. Would prefer Webmin instructions by the way.

Clarification of Question by davert2-ga on 06 Apr 2005 06:20 PDT
If you can tell me how to use the keys method, that would work nicely
- I'm using two machines, an OS X box (using iTerm for access rather
than the much less nifty Terminal), and an OS 9 box (using MacSSH for
access). I'd definitely consider that "answering the question." Thanks
for the alternative. I did think about keys earlier but again couldn't
find an easy guide.

Clarification of Question by davert2-ga on 06 Apr 2005 06:48 PDT
I did find the answer to the question from Rusty's Surprisingly Unreliable Guides.
Accepting "If protocol is TCP and source is 141.0.0.0/8 and
destination port is 22" will get me everything starting with 141.
That's the rule I needed.
I appreciate your suggestions.

Clarification of Question by davert2-ga on 06 Apr 2005 06:50 PDT
...bozo, you can either provide info on the keys method at this point,
or if you did find the OS X / OS 9 answer, put it in...
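
The rule the asker settled on (accept TCP to destination port 22 when the source is 141.0.0.0/8), written out as iptables commands together with the final drop rule that turns it into an allowlist. This is an added example, not part of the original question; the chain name `SSH_ALLOW` and the function names are assumptions of the example.

```shell
#!/bin/sh
# Added example. Prints (does not run) iptables commands that accept SSH
# only from the listed IPv4 ranges and drop all other traffic to port 22.

# valid_cidr A.B.C.D/N: succeeds only for a well-formed IPv4 CIDR range.
valid_cidr() {
    case "$1" in */*) ;; *) return 1 ;; esac
    addr=${1%/*}; bits=${1#*/}
    case "$addr" in ''|*[!0-9.]*) return 1 ;; esac
    case "$bits" in ''|*[!0-9]*) return 1 ;; esac
    [ "$bits" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ -n "$octet" ] && [ "$octet" -le 255 ] || return 1
    done
}

# ssh_allowlist_rules CIDR...: writes the rule commands to stdout.
ssh_allowlist_rules() {
    [ $# -gt 0 ] || { echo "need at least one source range" >&2; return 1; }
    for cidr in "$@"; do
        valid_cidr "$cidr" || { echo "bad range: $cidr" >&2; return 1; }
    done
    # SSH_ALLOW is a chain name chosen for this example. A dedicated chain
    # lets a reload replace the old list instead of stacking duplicates.
    echo "iptables -N SSH_ALLOW 2>/dev/null || iptables -F SSH_ALLOW"
    for cidr in "$@"; do
        echo "iptables -A SSH_ALLOW -s $cidr -j ACCEPT"
    done
    # DROP goes last so it only catches sources no ACCEPT rule matched.
    echo "iptables -A SSH_ALLOW -j DROP"
    # Remove any earlier jump, then send port 22 traffic through the chain.
    echo "iptables -D INPUT -p tcp --dport 22 -j SSH_ALLOW 2>/dev/null || true"
    echo "iptables -I INPUT -p tcp --dport 22 -j SSH_ALLOW"
}

# Stand-alone run: ranges from the command line, else the post's 141.0.0.0/8.
[ $# -gt 0 ] || set -- 141.0.0.0/8
ssh_allowlist_rules "$@"
```

Review the printed commands, then pipe them to `sh` as root from a console session, since a wrong range locks out remote SSH.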