    • By mudmanc4
      Since I've not been absent-minded enough in the past to actually lock myself out of a server (aside from those younger days of 'forgetting the root pass') -- this is a first for me, yes I'm a locked-out virgin. Special, hey?
       
      And don't do this if you want continued access via root, or anything else. Sure, http and https are available for public facing, but that's it.
      So, I ran:
       

      iptables -A INPUT -i lo -j ACCEPT
      iptables -A INPUT -i ! lo -d 127.0.0.0/8 -j REJECT
      iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
      iptables -A OUTPUT -j ACCEPT
      iptables -A INPUT -p tcp --dport 80 -j ACCEPT
      iptables -A INPUT -p tcp --dport 443 -j ACCEPT
      iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
      iptables -A INPUT -j REJECT
      iptables -A FORWARD -j REJECT

      After saving iptables permanently, I opened another shell and logged in with the new user, also created to take the place of root with the proper permissions; login was fine for that user.
       
      After reboot I realized what I had mistakenly forgotten in the chain. See it? lol Yes, that's right, the ssh port - duh-me? And a couple of other things that render the host's reporting scripts locked out, ah yes there it is - dummy lol
       
      As I can see it, the only way to get access would be to have the host flush iptables from the main server node root. Yes, no? Ideas?
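
Added example, not part of mudmanc4's post: a pre-flight check that reads a list of `iptables -A` commands as text and reports whether new connections to a port are accepted before the first catch-all REJECT/DROP in INPUT, run here against the ruleset posted above. The function name `input_accepts_port`, the variable names and SSH on TCP port 22 are assumptions; it only recognises plain `-p tcp ... --dport N ... -j ACCEPT` rules and does not query the live tables.

```shell
#!/bin/sh
# Added example: pre-flight check for a list of "iptables -A ..." commands.
# Rules are evaluated in order, so the port must be accepted before the
# first unconditional REJECT/DROP appended to INPUT.

# The ruleset from the post, one command per line.
POSTED_RULES='iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i ! lo -d 127.0.0.0/8 -j REJECT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
iptables -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
iptables -A INPUT -j REJECT
iptables -A FORWARD -j REJECT'

# Assumption: sshd listens on TCP 22 (the post does not give the port).
SSH_PORT=22
FIXED_RULES="iptables -A INPUT -p tcp --dport $SSH_PORT -j ACCEPT
$POSTED_RULES"

# Exit status: 0 = port accepted, 1 = hits a catch-all REJECT/DROP first,
# 2 = no match at all (outcome depends on the chain's default policy).
input_accepts_port() {
    rules=$1
    port=$2
    while IFS= read -r line; do
        case "$line" in
            *"-A INPUT "*) spec=${line#*-A INPUT } ;;
            *) continue ;;
        esac
        case " $spec " in
            " -j REJECT "*|" -j DROP "*) return 1 ;;
            *" -p tcp "*"--dport $port "*"-j ACCEPT "*) return 0 ;;
        esac
    done <<EOF
$rules
EOF
    return 2
}

rc=0; input_accepts_port "$POSTED_RULES" "$SSH_PORT" || rc=$?
echo "posted ruleset, port $SSH_PORT: status $rc"
rc=0; input_accepts_port "$FIXED_RULES" "$SSH_PORT" || rc=$?
echo "with SSH rule first, port $SSH_PORT: status $rc"
```

Running a check like this before saving the rules permanently catches the missing port while the current session is still open.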