Securing machine from any kind of SSH access

Try to locate the that whether you machine is set to accept all SSH connections under the IPTABLES rules.
# iptables -L INPUT --line-numbers|grep ssh
[will list all the rules applied to the incoming traffic over SSH]
Try to locate the following entry [if it exists in the list shown]
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
remove the entry as its defined to accept all the incoming traffic over SSH,and this is how to.
Just pick the row number of the entry [the first column,say its 4th],and then list it using
# iptables -L INPUT 4
and then delete it using
# iptables -D INPUT 4
Now to stop SSH to your machine,just fire the following command.
# iptables -A INPUT -p UDP --dport 22 -j REJECT
# iptables -A INPUT -p TCP --dport 22 -j REJECT
Save the rules.
# service iptables save
Restart the service
# service iptables restart
All this could also have been done by just shutting down the SSH service,but the idea was to try hands at IPTABLES

Comments

Popular posts from this blog

Address book configuration [LDAP] on Evolution

Startup error with Thunderbird 3.0

Today was the ....