On Sat, Sep 12, 2015 at 08:23:14PM -0400, Scott Robbins
wrote:> On Sat, Sep 12, 2015 at 04:26:09PM -0700, John R Pierce wrote:
> > On 9/12/2015 4:16 PM, Fred Smith wrote:
>
>
> > >I'm wanting to close port 22 (ssh) on my home router, and I
don't see any
> > >facilities in its GUI for doing that.
> >
> > inbound ports that aren't forwarded are closed by default on most
> > any/all NAT routers, unless the router itself is listening to said
> > port.
>
> Isn't there any sort of portforwarding thing? Such as forward port
2222 (I
yes, there is port forwarding, of course. I'm forwarding a different
port to 22 on my desktop, and want to close 22 on the router so it won't
also allow access to 22 on my desktop.
I know,... "security through obscurity is no security at all". But I
figure it doesn't hurt to try.
> wouldn't use that one, it's too common, but as an example) to
192.168.1.5,
> and then have 192.168.1.5 listen on port 2222? Then have a firewall rule
> to allow access on that port and edit /etc/ssh/sshd_config to listen on
> 2222 instead of 22.
It is as I said above, I don't want to have to write firewall rules
for it because then I need to go to the trouble to make sure my custom
rule(s) get reloaded at every reboot.
>
> Looking at
>
http://nextgendigitalhome.com/1829/home-network/scalable-gateway/the-asus-rt-n16-router-firmware-part-4-advanced-wan-settings/
> it seems as if it would allow this and it's described in the section
WAN
> Virtual Server/Port Fowarding.
Ah, i've never seen that resource, thanks! I'll go peruse it and see
what I find.
thanks!
--
---- Fred Smith -- fredex at fcshome.stoneham.ma.us
-----------------------------
"And he will be called Wonderful Counselor, Mighty God, Everlasting
Father,
Prince of Peace. Of the increase of his government there will be no end. He
will reign on David's throne and over his kingdom, establishing and
upholding
it with justice and righteousness from that time on and forever."
------------------------------- Isaiah 9:7 (niv) ------------------------------