Re: KPF 2.1.5: Catch-all rule complicates having firewall ask about incoming ssh
- From: "Systemguy" <Me@xxxxxxx>
- Date: Mon, 16 Jul 2007 10:51:13 -0400
"Dubious Dude" <Shifty@xxxxxxxx> wrote in message
news:f7d63p$sb6$1@xxxxxxxxxxx
I would like KPF to ask whether to allow incoming TDP connections to port
22.
Creating a rule only lets the user choose whether to permit or deny the
connection, not whether to prompt for permission or denial. I thought
that I
could delete the rule altogether, in which case the user is prompted to
permit
or deny the incoming ssh. However, the last rule of the firewall is a
catch-all
rule that denies any connections not covered by any other rules. This
prevents
KPF from prompting for incoming TDP connections to port 22. Is there a
way to
have KPF prompt for incoming connections to port 22, yet still maintain
the
catch-all rule?
Thanks.
The short answer is no.
The catch-all is meant to be put into place after you have tuned the
firewall for
all the inbound connection you plan on accepting. That way it will not keep
prompting you when new ports are attempted but simply deny them.
If you actually want someone to be able to connect to your port 22 it makes
more sense to simply allow it in your rules. You could even restrict the IP
addresses allowed to connect. Finally, ensure your ssh application is fully
patched and hardened so only authorized parties can get through.
Cheers,
Systemguy
.
- Follow-Ups:
- References:
- KPF 2.1.5: Catch-all rule complicates having firewall ask about incoming ssh
- From: Dubious Dude
- KPF 2.1.5: Catch-all rule complicates having firewall ask about incoming ssh
- Prev by Date: Re: Why is MS listening
- Next by Date: Re: Why is MS listening
- Previous by thread: KPF 2.1.5: Catch-all rule complicates having firewall ask about incoming ssh
- Next by thread: Re: KPF 2.1.5: Catch-all rule complicates having firewall ask about incoming ssh
- Index(es):
Relevant Pages
|
