From owner-freebsd-questions@FreeBSD.ORG  Mon Feb 12 22:23:00 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 1489516A402
	for <freebsd-questions@freebsd.org>;
	Mon, 12 Feb 2007 22:23:00 +0000 (UTC)
	(envelope-from wittig.robert@sbcglobal.net)
Received: from smtp114.sbc.mail.re2.yahoo.com (smtp114.sbc.mail.re2.yahoo.com
	[68.142.229.91])
	by mx1.freebsd.org (Postfix) with SMTP id A29C813C48E
	for <freebsd-questions@freebsd.org>;
	Mon, 12 Feb 2007 22:22:59 +0000 (UTC)
	(envelope-from wittig.robert@sbcglobal.net)
Received: (qmail 97907 invoked from network); 12 Feb 2007 21:54:00 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=sbcglobal.net;
	h=Received:X-YMail-OSG:Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:References:In-Reply-To:Content-Type:Content-Transfer-Encoding;
	b=p6lejaAapZylrNw9GVqCWOL0SUSsWG29ubwzxF4OCSErE/xldbOO/5BefoyTXxhioucPvHvR4PP7zI6aiZV4a8f31UHls0hN9iLatv79lXRL5EmOAaPjx1c8Ggfu1IEBnjt9oCFV4l+99DGAchOxKI99JZcP9OB+tDBJiwR3B2Y=
	; 
Received: from unknown (HELO ?192.168.1.3?)
	(wittig.robert@sbcglobal.net@70.142.248.62 with plain)
	by smtp114.sbc.mail.re2.yahoo.com with SMTP; 12 Feb 2007 21:53:59 -0000
X-YMail-OSG: 89_LdxcVM1n3ZDKAO8Cj7HOikTL_4.zXULU1sZCLP7gLsSjhW8IPWHwAwDy9zdMQxcCe8BcwWrvaaF.oxZUuEBVaAa9MHNQCNjYF0atnDgj7Z1UhGgyi2xoNHK3WpWz9Kq4ohuTZ0LYp_N_pBCN.jCokw2PgIy87fruVPrFC57KvplQsA3hIPeYg7U.U
Message-ID: <45D0E1E9.1090301@sbcglobal.net>
Date: Mon, 12 Feb 2007 15:53:45 -0600
From: Robert C Wittig <wittig.robert@sbcglobal.net>
User-Agent: Thunderbird 1.5.0.9 (X11/20061206)
MIME-Version: 1.0
To: freebsd-questions@freebsd.org
References: <45CEC7A4.7030802@ephgroup.com>
In-Reply-To: <45CEC7A4.7030802@ephgroup.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: Onpening and Closing ports
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Feb 2007 22:23:00 -0000

Dave Carrera wrote:
> Hi All,
> 
> Had a little nasty person trying to break my sshd on port 22.
> 
> I need to change and open a new port for sshd but i do not know how.
> 
> Can one of you kind people help me with this please
> 
> Many kind regards
> 

Instead of changing the sshd port, I set a PF rule that only permits 
port 22 logins from a specific list of IP addresses, where I expect ssh 
logins from.

This would definitely not work on a production machine, with a lot of 
people logging in from random IP's, but for a small, private LAN, it 
works very nicely.


-- 
-wittig http://www.robertwittig.com/
.       http://robertwittig.net/