[olug] restricting ports on SSH forwarding

ndjstn at gmail.com ndjstn at gmail.com
Sat May 30 03:07:09 CDT 2020


Not everyone needs it, but a dual-NIC pfSense box allows you to set firewalls, and you could easily block ports or only allow ports. I have done this with an older machine that I had lying around. You can also perform network-wide DNS sinkhole services like Pi-hole. You can even assign NICs to different networks and completely block them from communicating. I have one network just for IoT devices, for instance. This should work for your Windows server, but it's a process.


> On May 28, 2020, at 18:41, Lou Duchez <lou at paprikash.com> wrote:
> 
> So SSH forwarding is a dandy way to get data to travel back and forth over a secure encrypted connection.  The only problem I'm aware of is, if I open up SSH port forwarding on my server to allow access to port 11111, there's nothing stopping a user from using the same SSH connection to get at port 22222.
> 
> ... or is there?  Any thoughts on how to limit the port forwarding on an SSH connection?  In particular I'm using freeSSHd on a Windows server, so if anyone knows anything about that, that would help.

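For comparison with the question quoted above, this is how a per-port forwarding restriction is expressed in OpenSSH's `sshd_config`. It is an added example, not part of the thread: it assumes an OpenSSH server rather than freeSSHd, and the account name `tunneluser` is hypothetical.

```conf
# --- Weak: global default -------------------------------------------
# Any authenticated user can ask the server to open a connection to
# any host:port it can reach (11111, 22222, or anything else).
AllowTcpForwarding yes

# --- Restricted: per-account override -------------------------------
# "tunneluser" is a hypothetical account used only for the tunnel.
Match User tunneluser
    # Allow client-to-server (-L) forwards only; no -R forwards.
    AllowTcpForwarding local
    # The only destination a forward may be opened to. Entries are
    # matched literally against what the client requests, so list
    # both spellings of the loopback address.
    PermitOpen localhost:11111 127.0.0.1:11111
    # Close the other forwarding and tunnelling channels.
    X11Forwarding no
    AllowAgentForwarding no
    PermitTunnel no
    # No interactive terminal. An account that can still run commands
    # on the server can start its own forwarder, so also give it a
    # non-login shell or a ForceCommand.
    PermitTTY no

# Client side:
#   ssh -N -L 11111:localhost:11111 tunneluser@server
# A forward requested to port 22222 is refused by the server with
# "open failed: administratively prohibited".
```

Run `sshd -t` after editing to check the syntax before reloading the service. The same limit can be attached to a single key instead of an account with the `permitopen="localhost:11111"` option in `authorized_keys`.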
