Posts Tagged ‘iptables’

SSH: short for Secure Shell, SSH (developed by SSH Communications Security Ltd.) is a secure protocol for remote logins. Using an SSH client, a user can connect to a server to transfer information in a more secure manner than other methods, such as telnet. Below is an example of how an SSH session, which uses a command line interface, may look. SSH defaults to port 22.

Modify the SSH remote login port to 9999

# vi /etc/ssh/sshd_config
Port 9999
# service sshd restart

Add a port to the firewall

The default iptables only open port 22 for ssh service, the use of additional ports such as 9999 need to add this port to a white list in iptables. If you don’t add this port, you will not connect to the SSH server.

# iptables -I INPUT -p tcp –dport 9999 -j ACCEPT
# iptables -A INPUT -p tcp –dport 9999 -j ACCEPT
#service iptables save

You need to save the command to the iptables configuration file

iptables-save >/etc/sysconfig/iptables

tv crime2Internet trolls are using Tor nowadays to avoid bans by IP. However, banning Tor exit nodes is just slightly more complex. The Tor Project provides a regularly updated list of exit nodes that can access your IP here. As there may be many hundreds or even thousands of nodes, adding them to iptables can hurt your server’s network performance. Enter ipset, a user-space hash table for iptables:

# create a new set for individual IP addresses
ipset -N tor iphash
# get a list of Tor exit nodes that can access $YOUR_IP, skip the comments and read line by line
wget -q$YOUR_IP -O -|sed '/^#/d' |while read IP
  # add each IP address to the new set, silencing the warnings for IPs that have already been added
  ipset -q -A tor $IP
# filter our new set in iptables
iptables -A INPUT -m set --match-set tor src -j DROP