On 06/30/17 17:50, jdow wrote:
> On 2017-06-29 23:25, Samuel Sieb wrote:
>> On 06/29/2017 06:24 PM, Doug wrote:
>>> I tried to write this command to a root console in PCLInuxOS, but it got 
>>> rejected.
>>>
>>> [root@linux1 doug]# iptables -t filter -A IN_public_deny -p tcp --dport 
>>> pop3s
>>> --syn -m recent --name pop3s_attack --rcheck --seconds 90 --hitcount 2 -j 
>>> LOG
>>> --log-prefix 'SSH2 REJECT: ' --log-level info
>>> iptables: No chain/target/match by that name
>>>
>>> Obviously I'm doing something wrong. Do I need some file installed first?
>>> If so, what file? Can you help me, please?
>>
>> Just ignore all this iptables stuff.  It is not at all useful for you. Open 
>> the
>> firewall configuration tool.  In the Public zone, uncheck the ssh service.  
>> Then
>> in the Options menu, select "Runtime to Permanent" to save the configuration
>> change.  That's all you need to do.  By default the firewall is quite 
>> secure, it
>> just leaves the ssh port open.
>
> Sometimes you MUST leave your machine open to ssh or other services. Now 
> what, Kemo
> Sabe?
>
>
I suppose it depends on what "must" means and your situation and resources 
available.

In my case I find it perfectly acceptable to run an openVPN server on my router 
and
remotely access my systems via ssh after connecting.  In addition my 
sshd_config contains

PasswordAuthentication no

PermitRootLogin  no


-- 
Fedora Users List - The place to go to speculate endlessly

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org

Reply via email to