You should read up on iptables first before making any changes to any meaningful servers
http://en.wikipedia.org/wiki/Iptables
To block inbound ssh access to your server do the following
iptables -A INPUT -p tcp -m tcp --dport 22 -j DROP
-A means "Append to INPUT chain"
-p means "protocol" in this case TCP
-m means "load module" i.e. match the protocol TCP
-dport means destination port, in this case 22
-j means what to do if the rule is matched i.e. DROP
Make sure that line is above this line in the configuration as iptables reads from the top to the bottom down:
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT
No comments:
Post a Comment