Gentoo Archives: gentoo-security

From: Kirk Hoganson <kirk2@×××××××××.com>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] [OT?] automatically firewalling off IPs
Date: Mon, 03 Oct 2005 20:16:33
Message-Id: 43416522.4010407@lenderlab.com
In Reply to: Re: [gentoo-security] [OT?] automatically firewalling off IPs by rpfc@mega.ist.utl.pt
>
>> Jeremy,
>> I agree with MaxieZ, a combination of SEC and Iptables work nicely
>> in this situation and could be extended to other services like FTP,
>> IMAP, Web authentication, etc. I personally do not feel that security
>> through obscurity by changing the port numbers is a viable solution.
>
A port knocker of some sort is a much more secure solution that will allow you to block all unwanted IPs but still allow for dynamic addresses. There are port knockers that listen on various ports and work like a combination lock to open the port, and there are others that use a more secure one-time pad "magic packet" kind of authentication to open the port for your IP. It is more work to set up, but it is more secure than just changing the port. Remember a few years ago when ssh had a remote exploit? You probably shouldn't leave that port open.

--
gentoo-security@g.o mailing list
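
The "combination lock" style of port knocker described in the message above, sketched as an added example that is not part of the original post or of any particular knock daemon. The port numbers, the 10-second window and the sample events are assumptions made up for illustration; acting on the resulting allow set (for instance by adding a firewall rule) is left out.

```python
# Added example: per-source state machine for a "combination lock" port knock.
KNOCK_SEQUENCE = (7000, 8000, 9000)  # assumed ports, chosen for illustration
WINDOW_SECONDS = 10                  # assumed time limit for the whole sequence


class KnockTracker:
    def __init__(self, sequence=KNOCK_SEQUENCE, window=WINDOW_SECONDS):
        self.sequence = tuple(sequence)
        self.window = window
        self.progress = {}    # src_ip -> (knocks matched so far, time of first knock)
        self.allowed = set()  # source IPs that completed the sequence

    def observe(self, ts, src_ip, dst_port):
        """Feed one connection attempt; return True if it completes the sequence."""
        matched, started = self.progress.pop(src_ip, (0, ts))
        if matched and ts - started > self.window:
            matched = 0                      # too slow: forget partial progress
        if dst_port == self.sequence[matched]:
            if matched == 0:
                started = ts
            matched += 1
        elif dst_port == self.sequence[0]:
            matched, started = 1, ts         # wrong port, but a valid new start
        else:
            matched = 0                      # any other wrong port resets the lock
        if matched == len(self.sequence):
            self.allowed.add(src_ip)
            return True
        if matched:
            self.progress[src_ip] = (matched, started)
        return False


# Constructed events: (seconds, source IP, destination port).
SAMPLE_EVENTS = [
    (0, "192.0.2.10", 7000), (1, "192.0.2.10", 8000), (2, "192.0.2.10", 9000),
    (0, "198.51.100.7", 7000), (1, "198.51.100.7", 7001),   # sequential probing
    (2, "198.51.100.7", 8000), (3, "198.51.100.7", 9000),
    (0, "203.0.113.5", 7000), (5, "203.0.113.5", 8000), (20, "203.0.113.5", 9000),
]


def replay(events):
    """Run events in time order and return the set of sources that got in."""
    tracker = KnockTracker()
    for ts, ip, port in sorted(events):
        tracker.observe(ts, ip, port)
    return tracker.allowed


if __name__ == "__main__":
    print(sorted(replay(SAMPLE_EVENTS)))
```

A fixed sequence like this is the same for every session, so anyone who observes it on the wire can repeat it; single-use authentication of the kind the message calls more secure closes that gap.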

Replies

Subject Author
Re: [gentoo-security] [OT?] automatically firewalling off IPs boger <boger@×××.ru>