[TriLUG] Denyhosts and Custom Regex
Jim Tuttle
jjtuttle at trilug.org
Fri Nov 7 12:10:29 EST 2008
Hi Alan,

The use case is that often I find myself behind wireless access points
in public places that limit outgoing traffic to port 80. That's the
reason for running SSHD on port 80. If I had access to other ports I'd
just run SSHD on one of those less obvious ports.

Thanks, though. I had considered knockd for other applications.

James

Alan Porter wrote:
>> The why isn't related to the how that I questioned the list about,
>> but I'm game. I want to lock it down to reduce the chance that I
>> get nailed by campus IT.
>
> You might want to consider using "knockd" on that SSHD/80 port. You
> can set up your clients to use the knock client automatically in your
> ~/.ssh/config files.
>
> It's surprisingly easy to set up. It listens on a handful of ports
> that you choose (UDP or TCP), and then it sets up some iptables rules
> to open and close the SSHD port. It's pretty sweet.
>
> That way, your campus IT will find nothing at all.
>
> Alan
>
>
--
--
---Jim Tuttle
------------------------------------------------------
http://www.braggtown.com
PGP Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x69B69B08