Mikaela/mikaela.github.io
1
0
Fork 0
mirror of https://github.com/mikaela/mikaela.github.io/ synced 2024-11-23 04:29:31 +01:00
Code Issues Projects Releases Wiki Activity

ufw: use sshguard for protecting sshd

Browse Source
This commit is contained in:
Aminda Suomalainen 2015-09-19 13:46:51 +03:00
parent 57b2207047
commit 4bc4087d2b
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
_posts/2015-06-12-ufw.md
View File

@ -17,7 +17,7 @@ network and with IPv6 your devices have public IPv6 addresses.
This post first has list of commands, then explanations.
```
ufw limit 22/tcp
ufw allow 22/tcp
ufw default deny incoming
ufw default allow outgoing
systemctl enable ufw && systemctl start ufw
@ -31,9 +31,9 @@ ufw allow from 172.16.0.0/16 to any port 17500 proto tcp
ufw allow 60000:61000/udp
```
* 22 TCP/ssh — Prevent more than 6 connections in 30 seconds to the SSH
port and it's the first command as you don't want to lock yourself out
of it.
* 22 TCP/ssh — Allow acces to SSHdm you don't want to lock yourself out.
* previously I used `ufw limit` but it seems to be too oversensitive,
just use SSHGuard.
* Deny incoming connections unless the port has been whitelisted.
* Allow all outgoing connections, keeping list of authorized ports would
be too much for me.