Saturday, 17 January 2015

ipfilter testing

add another port to sshd:
$ grep Port /etc/ssh/sshd_config
Port 22
Port 44444


test it works:
$ telnet 127.0.0.1 44444

block that port:
$ cat /etc/ipf/ipf.conf
set intercept_loopback true;
pass in all
pass out all
block in from any to any port = 44444
#pass in from 127.0.0.1 to any port = 44444


test it's blocked:
$ telnet 127.0.0.1 44444

just in case we screw up, a cron job that disables ipfilter every minute:
$ sudo crontab -l | tail -n1
* * * * * /usr/sbin/svcadm disable network/ipfilter
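
Added example (not from the original post): a small Python model of how ipf evaluates the ipf.conf above, where the last matching rule wins unless a rule carries `quick`. It shows why the block rule takes effect after `pass in all` and what uncommenting the loopback pass rule would change; the parser covers only the syntax used here, addresses are compared as literal strings, and the default-pass policy and the `quick` variant are assumptions.

```python
import re

# Subset of ipf.conf used above: pass|block in|out [quick] all | from SRC to DST [port = N]
RULE = re.compile(
    r"^(?P<action>pass|block)\s+(?P<dir>in|out)\s+(?P<quick>quick\s+)?"
    r"(?:all|from\s+(?P<src>\S+)\s+to\s+(?P<dst>\S+)"
    r"(?:\s+port\s*=\s*(?P<port>\d+))?)\s*$")

def parse(conf):
    """Return filter rules in file order; skip comments, blanks and 'set' options."""
    rules = []
    for line in conf.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line or line.startswith("set "):
            continue
        m = RULE.match(line)
        if m is None:
            raise ValueError(f"unsupported rule: {line!r}")
        rules.append(m.groupdict())
    return rules

def decide(rules, direction, src, dst, dport, default="pass"):
    """Last matching rule wins; a matching rule with 'quick' stops evaluation."""
    verdict = default  # assumption: default policy is pass when nothing matches
    for r in rules:
        if r["dir"] != direction:
            continue
        # Simplification: addresses are literal strings, no masks or hostnames.
        if r["src"] not in (None, "any", src) or r["dst"] not in (None, "any", dst):
            continue
        if r["port"] is not None and int(r["port"]) != dport:
            continue
        verdict = r["action"]
        if r["quick"]:
            break
    return verdict

# The ruleset from the notes, then two constructed variants.
PAGE_CONF = """set intercept_loopback true;
pass in all
pass out all
block in from any to any port = 44444
#pass in from 127.0.0.1 to any port = 44444
"""
WITH_LOOPBACK_PASS = PAGE_CONF.replace("#pass in", "pass in")  # later pass overrides block
QUICK_FIRST = PAGE_CONF.replace("pass in all", "pass in quick all")  # block never reached

if __name__ == "__main__":
    for conf in (PAGE_CONF, WITH_LOOPBACK_PASS, QUICK_FIRST):
        print(decide(parse(conf), "in", "127.0.0.1", "127.0.0.1", 44444))
```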