Securing machine from any kind of SSH access

Try to locate the that whether you machine is set to accept all SSH connections under the IPTABLES rules.
# iptables -L INPUT --line-numbers|grep ssh
[will list all the rules applied to the incoming traffic over SSH]
Try to locate the following entry [if it exists in the list shown]
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
remove the entry as its defined to accept all the incoming traffic over SSH,and this is how to.
Just pick the row number of the entry [the first column,say its 4th],and then list it using
# iptables -L INPUT 4
and then delete it using
# iptables -D INPUT 4
Now to stop SSH to your machine,just fire the following command.
# iptables -A INPUT -p UDP --dport 22 -j REJECT
# iptables -A INPUT -p TCP --dport 22 -j REJECT
Save the rules.
# service iptables save
Restart the service
# service iptables restart
All this could also have been done by just shutting down the SSH service,but the idea was to try hands at IPTABLES

Comments

Post a Comment

Popular posts from this blog

Address book configuration [LDAP] on Evolution

Select new address book creation using LDAP from the Contacts tab. General Tab - Name : My LDAP [Any Name] Server : Port : 389 Encryption : No Encryption Login method : Using DN Login : Details tab - DC=xxxx,DC=xxxx,DC=xxxx [This can be searched by evolution search button over there] Search scope : Sub Search Filter :(objectclass=*) Edit > Prefs > Auto-completion - Select check box for : Always show addressses of the autocompleted contact Enable the check box for LDAP server [with the name defined at the time of creation as 'My LDAP' under general tab].
Read more

Today was the ....

Here is the latest a fully off topic thing....My farewell mail sent to the people i worked/ interacted at XXXXXX India [Mail] From : Saurabh Sharma Reply-to : sawrub@yahoo.co.in To : Bcc : Subject : Today was the .... Date : Fri, 04 Dec 2009 15:30:38 +0530 Hi All, By god's grace, your well wishes and efforts from my side, finally the day has come when I can subject a mail like this, and be in a situation to bid you all a special bye. And this is how I'll like to orate out the whole thing. - Today was the last morning when I had to get up early at 5:30 AM get ready and then run past the stray dogs barking at me for disturbing them at that hour, and also fearing a call from office that the cab has left from the pick-up point, though i had been a victim of the same a couple of times. - Today was the last morning when I was supposed to log-in to my Linux box and do some maths for getting the sum up at 8+ Hrs for the activities done yesterday and then stamp the same
Read more

Startup error with Thunderbird 3.0

Updated to Thunderbird 3.0 released a month back from its beta version with lightning installed but was greeted with a 2 error messages. On starting the client. Error dialog: An error was encountered preparing the calendar located at moz-profile-calendar:// for use. It will not be available. The issue was locked under bugzilla at redhat, to be a schema issue with the database used for the calender which was to be updated. So finally followed the steps and the issue was solved, and the calender was back in action. 1. Closed Thunderbird. 2. Switched to the profile directory of thunderbird. # /home/sawrub/.thunderbird/*********.default 3. Located the directory holding the calender data. ll calendar-data/ 4. There was the local.sqlite file which actually is a SQLite database. 5. Enter the sqlite console, by executing the command an dwas greeted with the corresponding prompt as. [sawrub@mybox calendar-data]$ sqlite3 local.sqlite SQLite version 3.6.12 Enter ".help"
Read more