Posted: Fri Sep 03, 2010 14:53 Post subject: DD-Wrt Router security problem @ Port 22 [SSH]
Hi, today I found a security risk in the router: port 22 is not stealthed but seen as closed or open, depending on how you set it in the options. So with one port seen, it means you are seen on the internet by hackers. I believe that opening the port doesn't help much either, so how can I make it stealthed? Is there a script for it, or something like the port is closed but seen as stealthed?
Well, I'll wait for replies.
Firmware used is:
DD-WRT v24-sp2 (08/07/10) mega
(SVN revision 14896)
Posted: Fri Sep 03, 2010 15:37 Post subject: Problem solved.....
Hi, I rechecked everything and I found this script in the firewall, which I've put in myself. I thought that this helped protect the SSH, and I don't doubt it doesn't, but it opens the port for the outside, so my advice is to delete this script out of the firewall if you don't need it!
Script =
iptables -N rate_limit
iptables -F rate_limit
iptables -A rate_limit -p tcp --dport 22 -m limit --limit 3/min --limit-burst 3 -j ACCEPT
iptables -A rate_limit -p udp --dport 1194 -m limit --limit 3/min --limit-burst 3 -j ACCEPT
iptables -A rate_limit -p ICMP --icmp-type echo-request -m limit --limit 3/sec -j ACCEPT
# Template for further services (fill in the placeholders before use):
# iptables -A rate_limit -p <protocol> --dport <port> -m limit --limit <x/sec/min/hr> --limit-burst X -j ACCEPT
iptables -A rate_limit -p ! ICMP -j LOG --log-prefix " Connection dropped!! "
iptables -A rate_limit -p tcp -j REJECT --reject-with tcp-reset
iptables -A rate_limit -p udp -j REJECT --reject-with icmp-port-unreachable
iptables -A rate_limit -j DROP
iptables -I INPUT -p ICMP --icmp-type echo-request -j rate_limit
iptables -I INPUT -p tcp --dport 22 -m state --state NEW -j rate_limit
iptables -I INPUT -p udp --dport 1194 -m state --state NEW -j rate_limit
# Template for further services (fill in the placeholders before use):
# iptables -I INPUT -p <protocol> --dport <port> -m state --state NEW -j rate_limit
Well, my bad I guess; however, don't use this if you don't need to.
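Added example, not part of the original posts: a small rule audit that walks the tcp/22 path of the script above and reports how the port answers on a given interface (ACCEPT = open, REJECT = closed, DROP = stealth), which shows why the script never leaves the port stealthed. The function name `port_visibility`, the WAN interface name `vlan2` and the `LAN_ONLY_RULES` variant (rate limit only on the LAN bridge `br0`, silent DROP elsewhere) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Both rule sets are constructed input.
# PAGE_RULES: the tcp/22 path of the script posted above.
PAGE_RULES='iptables -A rate_limit -p tcp --dport 22 -m limit --limit 3/min --limit-burst 3 -j ACCEPT
iptables -A rate_limit -p ! ICMP -j LOG --log-prefix " Connection dropped!! "
iptables -A rate_limit -p tcp -j REJECT --reject-with tcp-reset
iptables -A rate_limit -j DROP
iptables -I INPUT -p tcp --dport 22 -m state --state NEW -j rate_limit'
# LAN_ONLY_RULES (assumed variant): rate limit only on br0, silent DROP elsewhere.
LAN_ONLY_RULES="$(printf '%s\n' "$PAGE_RULES" | sed 's/-I INPUT/-I INPUT -i br0/')
iptables -A INPUT -p tcp --dport 22 -j DROP"

# port_visibility RULES PROTO PORT IFACE -> verdicts reachable for that packet
port_visibility() {
  printf '%s\n' "$1" | awk -v proto="$2" -v port="$3" -v iface="$4" '
    function field(flag,   i) {            # value following an option, or ""
      for (i = 1; i < NF; i++) if ($i == flag) return $(i + 1)
      return ""
    }
    function add(s) { if (!(s in seen)) { seen[s] = 1; out = out " " s } }
    function walk(chain,   i, p, d, f, t, lim) {   # returns 1 on a final verdict
      for (i = lo[chain] + 1; i <= hi[chain]; i++) {
        $0 = rule[chain, i]
        p = field("-p"); d = field("--dport"); f = field("-i"); t = field("-j")
        if (p == "!") { if (tolower(field("!")) == proto) continue }
        else if (p != "" && tolower(p) != proto) continue
        if ((d != "" && d != port) || (f != "" && f != iface)) continue
        lim = index($0, "-m limit")        # limited rules fall through once exceeded
        if (t in state) { add(state[t]); if (!lim) return 1 }
        else if ((t in hi || t in lo) && walk(t)) return 1   # jump to a user chain
      }
      return 0
    }
    BEGIN { state["ACCEPT"] = "open"; state["REJECT"] = "closed"; state["DROP"] = "stealth" }
    $1 == "iptables" && $2 == "-A" { rule[$3, ++hi[$3]] = $0 }
    $1 == "iptables" && $2 == "-I" { rule[$3, lo[$3]--] = $0 }   # -I inserts at the top
    END { if (!walk("INPUT")) add("policy"); print substr(out, 2) }'
}

port_visibility "$PAGE_RULES" tcp 22 vlan2       # script as posted, seen from the WAN
port_visibility "$LAN_ONLY_RULES" tcp 22 vlan2   # assumed LAN-only variant, seen from the WAN
```

A result of `policy` means no rule gave a verdict and the chain's default policy decides. The walk models only `-p`, `--dport`, `-i`, `-m limit` and `-j`, so treat it as a quick review aid rather than a full iptables evaluator.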