Date: Tue, 30 Jul 2002 15:25:46 +0800 (SST) From: SaJaRi <sajari@singnet.com.sg> To: Joe White <joe@edgehosting.com> Cc: freebsd-isp@FreeBSD.ORG Subject: Re: SSHD Lockdown Message-ID: <Pine.OSF.4.10.10207301523230.11066-100000@singapura.singnet.com.sg> In-Reply-To: <003f01c23702$84a5dd00$0a800a0a@edgehosting.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi there! If the new server is only to be access from 2 other server and do not need an internet access my suggestion is don't do default route and just do static route the the machine u need to to access. So no worry about security. U can add default route as and when required. Cheers! ************************* Sajari Bin Sarkan * SingNet Network Support * ************************* -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.i mQBtAjc9fI4AAAEDAMx6kkJcuhMq9TJEecb3JaiHe6fHRMlaVX/5Om7eCi2xdONO HfVeuTUryabhb7J2mRgKo7z4YWoNxOdNdDtRVaMfD7H18mdV0KYvlR/+9NAgKGxi UEaOYPJsKNHWCAKV1QAFEbQeU2FKYVJpIDxzYWphcmlAc2luZ25ldC5jb20uc2c+ =gG2n -----END PGP PUBLIC KEY BLOCK----- On Mon, 29 Jul 2002, Joe White wrote: > I'm looking for the best way to secure SSHD. I'm creating a new server, where only 2 other boxes should be able to access via SSH, and I was wondering what the best way to allow those 2, and only those 2 boxes to access it. Anything outside of SSHD daemon that could also help? I'm going to implement tcpwrappers as well, but not packet filtering software (ipfw / ipf). Any suggestions would be greatly appreciated. > > Cheers! > Joe White > Edge Networking Solutions > http://www.edgenetworkingsolutions.com > jwhite@EdgeNetworkingSolutions.com > 248.561.2827 > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.OSF.4.10.10207301523230.11066-100000>