I''ve been using the port knocking technique described in the Shorewall docs to control ssh access on one of our servers: http://www.shorewall.net/PortKnocking.html It works great, but occasionally one of the admins forgets to perform the close port operation. This leaves ssh open to the world until one of us notices. I''ve considered adding a cron job to close the port every few minutes. Better yet would be for the port to close automatically as soon as a properly knocked connection was established... but I''m not sure how to do this. Any suggestions would be greatly appreciated! Best regards, -Tom
2005/6/26, Tom Lisjac <netdxr@gmail.com>:> I''ve been using the port knocking technique described in the Shorewall > docs to control ssh access on one of our servers: > > http://www.shorewall.net/PortKnocking.html > > It works great, but occasionally one of the admins forgets to perform > the close port operation. This leaves ssh open to the world until one > of us notices.To the world ? Actually it should left it open only for his IP from where he did the port knocking, isn t it ? Niko