SSH
Sometimes you jsut need to ssh in to a specific port on a host, becuase well running ssh on a standard port is often a bad idea. ssh asdfasdf -p 80` (lowercase p)
scp
Again if ssh is then running on a different port you are going to need to use scp on a different port. A similar syntax is needed for that.
scp -P 80 … # Use port 80 to bypass the firewall, instead of the scp default (uppercase P)
#nmap nmap cheat sheet nmap-cheatsheet-a-quick-reference-guide
iptables!
flooding of RST packets, smurf attack Rejection
iptables -A INPUT -p tcp -m tcp –tcp-flags RST RST -m limit –limit 2/second –limit-burst 2 -j ACCEPT
Protecting portscans
Attacking IP will be locked for 24 hours (3600 x 24 = 86400 Seconds)
iptables -A INPUT -m recent –name portscan –rcheck –seconds 86400 -j DROP iptables -A FORWARD -m recent –name portscan –rcheck –seconds 86400 -j DROP
Remove attacking IP after 24 hours
iptables -A INPUT -m recent –name portscan –remove iptables -A FORWARD -m recent –name portscan –remove
These rules add scanners to the portscan list, and log the attempt.
iptables -A INPUT -p tcp -m tcp –dport 139 -m recent –name portscan –set -j LOG –log-prefix “portscan:” iptables -A INPUT -p tcp -m tcp –dport 139 -m recent –name portscan –set -j DROP
iptables -A FORWARD -p tcp -m tcp –dport 139 -m recent –name portscan –set -j LOG –log-prefix “portscan:” iptables -A FORWARD -p tcp -m tcp –dport 139 -m recent –name portscan –set -j DROP
surfing as googlebot http://proggblo.blogspot.com/2013/09/how-to-surf-as-googlebot-in-chrome-easy.html