Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]


Groups > comp.sys.raspberry-pi > #9226

Re: Changing network ports from closed to stealthed

From druck <news@druck.org.uk>
Newsgroups comp.sys.raspberry-pi
Subject Re: Changing network ports from closed to stealthed
Date 2015-07-31 09:46 +0100
Organization A noiseless patient Spider
Message-ID <mpfchg$s6g$1@dont-email.me> (permalink)
References <d1vc4jFj3hiU7@mid.individual.net>

Show all headers | View raw


On 30/07/2015 20:27, David wrote:
> When I DMZ to my Pi (running a VPN server as a test) I can see all the
> ports as "closed" apart from the VPN port. As I understand it the Pi is
> sending a negative response to a request to open the port. This tells the
> far end that there is a device there managing the ports, which is an
> invitation to try again and expand the range of ports probed.
>
> I would like to tell the Pi to ignore all connection requests and stealth
> the ports.

I wouldn't use the DMZ feature, as this exposes all the services you 
have running on the Pi to the internet, and you need to be absolutely 
sure you've configured tem all securely. Instead set the router up to 
forward just ssh to the Pi, and set up your ssh client to tunnel all the 
ports your are interested in via the Pi.

Make sure you configure ssh securely on the Pi, so only authorised 
non-root users can get on, there is plenty of information on the 
internet about how to do this. I have mine set up to only allow a 
special restricted gateway user to be logged on to using a 2048bit RSA 
key and not a password. If forwarding ports this is all that is 
required, if you want to get to a user account, you do an su from there.

If you forward the ssh port 22 on the router to port 22 on the Pi, you 
instantly see attempts to gain access in the /var/log/auth.log If 
instead you pick some random high number above 1000 on the router and 
forward that to port 22 on the Pi, you'll see far less attempts. Make 
sure you use this new port number with any ssh clients.

---druck

Back to comp.sys.raspberry-pi | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread


Thread

Changing network ports from closed to stealthed David <wibble@btintenet.com> - 2015-07-30 19:27 +0000
  Re: Changing network ports from closed to stealthed Martin Gregorie <martin@address-in-sig.invalid> - 2015-07-30 20:53 +0000
    Re: Changing network ports from closed to stealthed David <wibble@btintenet.com> - 2015-07-31 10:52 +0000
      Re: Changing network ports from closed to stealthed David <wibble@btintenet.com> - 2015-08-02 16:20 +0000
        Re: Changing network ports from closed to stealthed Martin Gregorie <martin@address-in-sig.invalid> - 2015-08-02 18:42 +0000
          Re: Changing network ports from closed to stealthed Rob <nomail@example.com> - 2015-08-02 19:23 +0000
          Re: Changing network ports from closed to stealthed mm0fmf <none@mailinator.com> - 2015-08-02 20:26 +0100
            Re: Changing network ports from closed to stealthed Martin Gregorie <martin@address-in-sig.invalid> - 2015-08-02 20:08 +0000
            Re: Changing network ports from closed to stealthed The Natural Philosopher <tnp@invalid.invalid> - 2015-08-03 08:34 +0100
          Re: Changing network ports from closed to stealthed Dennis Lee Bieber <wlfraed@ix.netcom.com> - 2015-08-02 19:45 -0400
  Re: Changing network ports from closed to stealthed Rob <nomail@example.com> - 2015-07-30 21:13 +0000
    Re: Changing network ports from closed to stealthed Michael J. Mahon <mjmahon@aol.com> - 2015-07-30 17:12 -0500
      Re: Changing network ports from closed to stealthed Rob <nomail@example.com> - 2015-07-30 22:22 +0000
        Re: Changing network ports from closed to stealthed Michael J. Mahon <mjmahon@aol.com> - 2015-07-30 19:15 -0500
          Re: Changing network ports from closed to stealthed The Natural Philosopher <tnp@invalid.invalid> - 2015-07-31 10:19 +0100
            Re: Changing network ports from closed to stealthed Rob <nomail@example.com> - 2015-07-31 09:33 +0000
              Re: Changing network ports from closed to stealthed The Natural Philosopher <tnp@invalid.invalid> - 2015-07-31 11:23 +0100
              Re: Changing network ports from closed to stealthed David <wibble@btintenet.com> - 2015-07-31 10:57 +0000
          Re: Changing network ports from closed to stealthed David <wibble@btintenet.com> - 2015-07-31 11:07 +0000
            Re: Changing network ports from closed to stealthed Rob <nomail@example.com> - 2015-07-31 11:15 +0000
            Re: Changing network ports from closed to stealthed Roger Bell_West <roger+csrp201507@nospam.firedrake.org> - 2015-07-31 11:22 +0000
            Re: Changing network ports from closed to stealthed Graham. <me@privicy.net> - 2015-08-01 17:03 +0100
            Re: Changing network ports from closed to stealthed druck <news@druck.org.uk> - 2015-08-01 23:30 +0100
  Re: Changing network ports from closed to stealthed druck <news@druck.org.uk> - 2015-07-31 09:46 +0100
    Re: Changing network ports from closed to stealthed The Natural Philosopher <tnp@invalid.invalid> - 2015-07-31 10:13 +0100
      Re: Changing network ports from closed to stealthed I R A Darth Aggie <n0b0dy@invalid.invalid> - 2015-08-02 16:24 +0000
    Re: Changing network ports from closed to stealthed David <wibble@btintenet.com> - 2015-07-31 10:51 +0000

csiph-web