Sunday, 13 May 2012

Another little tip regarding default ports and always changing them (Linux PC server)

I use iptables to block default ports

# Rules are matched in order and -A appends, so these must sit before any rule
# that would ACCEPT the same traffic. Dropping 22 while sshd still listens there
# locks you out of a remote box, so move sshd to its new port first (see below).
iptables -A INPUT -p tcp --dport 21 -j DROP
iptables -A INPUT -p tcp --dport 22 -j DROP
iptables -A INPUT -p tcp --dport 23 -j DROP
iptables -A INPUT -p tcp --dport 25 -j DROP
iptables -A INPUT -p tcp --dport 4567 -j DROP
iptables -A INPUT -p tcp --dport 12000 -j DROP
iptables -A INPUT -p tcp --dport 16000 -j DROP
iptables -A INPUT -p tcp --dport 16001 -j DROP

# iptables-save prints the running ruleset to stdout; it is the file you
# redirect it to (see further down) that survives a reboot.
iptables-save

Let's say you checked your /var/log/auth.log.

That is the SSH login log for your server; let's say someone, or more than one person, has been trying to get in.

Failed logins from, let's say, 81.40.50.60 and 90.87.35.21:

iptables -A INPUT -s 81.40.50.60 -j DROP
iptables -A INPUT -s 90.87.35.21 -j DROP

Again, each time you add a rule to iptables, you finish with

iptables-save

It is also advisable to change the default SSH login port, which is 22.


There are a few ways to get the iptables rules to load on startup (reboot and they are gone); I find a very simple method is to

# the directory must already exist; keep the file readable by root only
iptables-save >/var/etc/iptables.conf

You can save them to whatever path you like, just don't save them to /tmp for obvious reasons.

After a reboot, to put iptables back:

iptables-restore </var/etc/iptables.conf

I find that this way, if you need to block more users/ports, you simply add them and run

iptables-save

Then back iptables up again to your folder.

You can list which ports and IP addresses you have banned with

iptables -L -n


Yes, there is fail2ban and most likely other scripts for banning users; hopefully those who want to learn some Linux will actually do it manually.

Your cccam log will also show you any illegal/dodgy login attempts; simply add them. If you make a mistake, it is very easy to remove that user's IP.


BTW, don't go blocking your own IP, that would be silly :)
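Picking the offending addresses out of auth.log by hand and typing each iptables line, as described above, gets tedious once there are more than two. The script below is an added example, not code from the original post: it does the same steps, finding source IPs with repeated failed SSH passwords in an auth.log-style file, skipping an allowlist so your own IP (see the last tip) is never blocked, and printing the iptables -A INPUT -s ... -j DROP lines for review plus the matching -D line to undo one. The log lines, the allowlist file, the threshold and the temp paths are constructed for the demo; the sshd "Failed password ... from IP port N" line format is the stock one.

```shell
#!/bin/sh
# Added example, not from the original post: turn failed SSH logins found in an
# auth.log-style file into iptables DROP rules for review, skipping an
# allowlist so your own address is never blocked. Paths, thresholds and the
# log lines below are constructed for the demo.

# Constructed sample of /var/log/auth.log lines in sshd's "Failed password" format.
SAMPLE_LOG="May 13 10:01:02 box sshd[1201]: Failed password for root from 81.40.50.60 port 50122 ssh2
May 13 10:01:05 box sshd[1201]: Failed password for root from 81.40.50.60 port 50123 ssh2
May 13 10:02:10 box sshd[1210]: Failed password for invalid user admin from 90.87.35.21 port 41000 ssh2
May 13 10:03:00 box sshd[1222]: Accepted publickey for ops from 10.0.0.5 port 52000 ssh2
May 13 10:04:00 box sshd[1230]: Failed password for ops from 10.0.0.5 port 52011 ssh2"

# failed_ips LOGFILE MIN_FAILS [ALLOWLIST_FILE]
# Prints each source IP with at least MIN_FAILS failed passwords, one per line,
# excluding any address listed (one per line) in ALLOWLIST_FILE.
failed_ips() {
    log="$1"; min="$2"; allow="${3:-/dev/null}"
    grep 'sshd\[[0-9]*\]: Failed password for' "$log" \
      | sed -n 's/.* from \([0-9.]*\) port .*/\1/p' \
      | sort | uniq -c \
      | awk -v min="$min" '$1 >= min { print $2 }' \
      | grep -vxF -f "$allow"
}

# drop_rules LOGFILE MIN_FAILS [ALLOWLIST_FILE]
# Emits the iptables commands the post adds by hand; -A appends, so keep any
# ACCEPT rule for your own hosts above these, then iptables-save to a file.
drop_rules() {
    failed_ips "$@" | while read -r ip; do
        printf 'iptables -A INPUT -s %s -j DROP\n' "$ip"
    done
}

# undo_rule IP: the exact inverse of the rule above, for when you block someone
# by mistake (-D deletes the first rule matching the same specification).
undo_rule() {
    printf 'iptables -D INPUT -s %s -j DROP\n' "$1"
}

# Demo: write the constructed log and allowlist to temp files and print the rules
# that would be appended for addresses with 2+ failures (printed, not executed).
LOG=$(mktemp); printf '%s\n' "$SAMPLE_LOG" > "$LOG"
ALLOW=$(mktemp); echo "10.0.0.5" > "$ALLOW"   # your own / management IP
drop_rules "$LOG" 2 "$ALLOW"
rm -f "$LOG" "$ALLOW"
```

Review the printed lines before running them, and raise the threshold if a single mistyped password from a legitimate user would otherwise get them banned.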
