[olug] restricting ports on SSH forwarding
ndjstn at gmail.com
ndjstn at gmail.com
Sat May 30 03:07:09 CDT 2020
Not everyone needs it but a dual NIC pfsense box allows you to set firewalls and you could easily block ports or only allow ports. I have done this with an older machine that I had lying around. You can also perform network wide dns sinkhole services like pinhole. You can even assign NICs to different networks and completely block them from communicating. I have one network just for Iot devices for instance. This should work for your windows server but it’s a process.
Sent from my iPhone
> On May 28, 2020, at 18:41, Lou Duchez <lou at paprikash.com> wrote:
>
> So SSH forwarding is a dandy way to get data to travel back and forth over a secure encrypted connection. The only problem I'm aware of is, if I open up SSH port forwarding on my server to allow access to port 11111, there's nothing stopping a user from using the same SSH connection get at port 22222.
>
> ... or is there? Any thoughts on how to limit the port forwarding on an SSH connection? In particular I'm using freeSSHd on a Windows server, so if anyone knows anything about that, that would help.
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> https://www.olug.org/mailman/listinfo/olug
More information about the OLUG
mailing list