search for: portknock

Displaying 14 results from an estimated 14 matches for "portknock".

Did you mean: port_knock
2005 May 12
12
New Article at Shorewall.net
This article describes how to implement "Port Knocking" in Shorewall. http://shorewall.net/PortKnocking.html -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
2005 Jun 26
1
Knocked port timeout...
I''ve been using the port knocking technique described in the Shorewall docs to control ssh access on one of our servers: http://www.shorewall.net/PortKnocking.html It works great, but occasionally one of the admins forgets to perform the close port operation. This leaves ssh open to the world until one of us notices. I''ve considered adding a cron job to close the port every few minutes. Better yet would be for the port to close automaticall...
2006 Jan 02
4
Shorewall portscanner example rule.
When searching in google I could verify that many examples of used rules in shorewall do not exist to block port scanners external. Example: nmap. Somebody has some rule or example ? thanks.
2014 Aug 18
2
AMI & Elastix
...o AMI 1.1 wich enabled on Elastix "*Asterisk Call Manager/1.1* *Action: Login Username: admin Secret: qweasd123* *Response: Error* *Message: Missing action in request*" Elastix versions: "* Kernel* * Linux(x86_64)-2.6.18-348.1.1.el5* * Elastix* * elastix-2.4.0-1* * elastix-portknock-0.0.1-0* * elastix-agenda-2.4.0-1* * elastix-email_admin-2.4.0-1* * elastix-addons-2.4.0-1* * elastix-fax-2.4.0-1* * elastix-firstboot-2.4.0-1* * elastix-framework-2.4.0-1* * elastix-reports-2.4.0-1* * elastix-my_extension-2.4.0-1* * elastix-extras-2.4.0-1* * elastix-vtigercrm-5...
2016 Jul 30
5
Calls are dropped after 15 minutes
...4 elastix-asterisk-sounds-1.2.3-1 elastix-email_admin-2.4.0-6 elastix-endpointconfig2-2.4.0-2 elastix-extras-2.4.0-5 elastix-fax-2.4.0-4 elastix-firstboot-2.4.0-4 elastix-framework-2.4.0-19 elastix-im-2.4.0-2 elastix-my_extension-2.4.0-6 elastix-pbx-2.4.0-18 elastix-portknock-0.0.1-0 elastix-reports-2.4.0-10 elastix-security-2.4.0-9 elastix-system-2.4.0-13 RoundCubeMail RoundCubeMail-0.3.1-12 Mail postfix-2.3.3-6.el5 cyrus-imapd-2.3.7-12.el5_7.2 IM openfire-3.7.1-1 FreePBX freePBX-2.11.0-17 Asterisk asterisk-11.13.0-0 asterisk-per...
2023 Mar 18
4
Minimize sshd log clutter/spam from unauthenticated connections
Dear OpenSSH developers, a publicly accessible sshd on port 22 generates a lot of log clutter from unauthenticated connections. For an exemplary host on a university network, sshd accumulates 5~20k log lines on a single day (more than 90% of the total amount of syslog lines). That is despite the host having a restricted configuration (no SSH password authentication, firewall rate limit for
2006 Jan 31
24
Need help and advised
Hi folks Im currently doin firewall project.. the scenario is like this.. my application server open port number 3079 the server ip is 202.188.0.132. and now the port can be accessed from everywhere. Now i want to block all the everywhere accessed. But my problem is, the application will be accessed by few locations that doing transaction with the application server. and the said locations are
2004 Aug 26
2
OpenSSH PATCH: OpenCommand and CloseCommand
...tch adds support for the keywords "OpenCommand" and "CloseCommand" to ssh_config. They are commands which are executed before the connection is established (or ProxyCommand started) and after the connection has been closed (or ProxyCommand ended). this is usefull for stuff like portknocking or (that's what I wrote the patch for) talking with trapdoor2 (http://oss.linbit.com/trapdoor2/). it would be great to see that patch applied (or compareable functionality implemented) in one of the coming openssh releases. yours, - clifford PS: I'm not subscribed to this list, so pl...
2006 Jul 15
1
patch to add built-in support for port knocking
All, A friend gave me access to an svn(+ssh) repository the other day, and told me that I needed to do some port knocking to open up ssh. It occurred to me that it would be extremely convenient if I could add a "knock" configuration option for the host to my ~/.ssh/config file and never think about this again (rather than creating a shell script to accomplish this behavior,
2010 Oct 11
3
One server not showing SSH port, the other is.
I have two CentOS servers running SSH on two different non-standard ports. So far as I can tell, they have identical /etc/ssh/sshd_config files with the exception of the different port (both are 22xx). However, when running nmap on them, one betrays the port that SSH is running on, and the other does not. I have shut down iptables on both machines and the behaviour remains this way. What could be
2005 Feb 23
9
shorewall friendly way of limiting ssh brute force attacks?
I was wondering if anyone had implemented rules like this in shorewall: http://blog.andrew.net.au/tech I see tons of brute force attempts on the machines I administer, and I like the idea of limiting them without the need for extra daemons scanning for attacks. Thanks, Dale -- Dale E. Martin - dale@the-martins.org http://the-martins.org/~dmartin
2008 Jun 18
8
Expanding SSHKnock shell script, a few questions please
Hi all, Another Debian Etch fan here, running shorewall (shell) 3.2.6-2 (and Yes I''m going to upgrade when Lenny goes stable). I already have the SSHKnock working, as documented on the website: http://www.shorewall.net/PortKnocking.html Thanks, works great! In addition to the knock to open 22, I want to also ADD a redirect, from 2222 to 22 on an internal box. So, when I knock on 1600 (example), I want the firewall to BOTH open 22 on the firewall, AND redirect 2222 to 22 on internal box. I think I have it figured out, b...
2005 Nov 16
11
Need urgent help regarding security
Good Day! I think we have a serious problem. One of our old server running FreeBSD 4.9 have been compromised and is now connected to an ircd server.. 195.204.1.132.6667 ESTABLISHED However, we still haven't brought the server down in an attempt to track the intruder down. Right now we are clueless as to what we need to do.. Most of our servers are running legacy operating systems(old
2005 May 31
11
More Tests for 2.4.0-RC2 - strange behaviour
...''# addresses should not begin with "!".'' + read first rest + ''['' x# = xINCLUDE '']'' + echo ''# '' + read first rest + ''['' x# = xINCLUDE '']'' + echo ''# See http://shorewall.net/PortKnocking.html for an'' + read first rest + ''['' x# = xINCLUDE '']'' + echo ''# example of using an entry in this column with a'' + read first rest + ''['' x# = xINCLUDE '']'' + echo ''# user-defined action ru...