...

In general, you should regularly change the login user name and/or password, as well as the 'root' password, particularly if the RediGate is operating on a public network.

The 'root' password cannot be changed through the ACE configuration. It can be changed from a Linux command line by logging in as 'root' with the existing password and running the passwd command.

See RediGate User Accounts for a description of the standard login accounts on the RediGate.

See Changing the Root Password for information on setting the administrative password through the command line.

Check for Unauthorized Logins 

...

This screenshot shows the auth.log file of a RediGate experiencing unauthorized logins: 
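The following script is an added example and is not part of the RediGate documentation or firmware. It summarizes the same kind of auth.log evidence from the command line: failed SSH password attempts per source address, and successful logins from an address that also produced failures (the trace a guessing attack that eventually worked leaves behind). The log lines are constructed samples in the standard OpenSSH auth.log format; the file path and the function names are this example's own.

```shell
#!/bin/sh
# Added example (not RediGate code): summarize SSH login activity in an auth.log.
set -e

# Constructed sample auth.log lines in OpenSSH format (not a real capture).
SAMPLE_LOG="${TMPDIR:-/tmp}/auth.log.sample"
cat > "$SAMPLE_LOG" <<'EOF'
Mar  3 10:01:12 redigate sshd[1834]: Failed password for root from 203.0.113.5 port 50210 ssh2
Mar  3 10:01:15 redigate sshd[1834]: Failed password for root from 203.0.113.5 port 50210 ssh2
Mar  3 10:01:19 redigate sshd[1836]: Failed password for invalid user admin from 203.0.113.5 port 50214 ssh2
Mar  3 10:02:40 redigate sshd[1840]: Failed password for invalid user pi from 198.51.100.23 port 41002 ssh2
Mar  3 10:05:02 redigate sshd[1851]: Accepted password for root from 192.0.2.10 port 52231 ssh2
Mar  3 10:07:45 redigate sshd[1860]: Accepted password for root from 203.0.113.5 port 50300 ssh2
EOF

# Print "count ip" for failed password attempts, most active source first.
failed_logins_by_ip() {
    grep 'sshd.*Failed password' "$1" \
        | sed -n 's/.* from \([0-9.]*\) port .*/\1/p' \
        | sort | uniq -c | sort -rn \
        | awk '{print $1, $2}'
}

# Print "ip user method" for each accepted login whose source address
# also appears in the failed-attempt list.
suspicious_successes() {
    failed=$(failed_logins_by_ip "$1" | awk '{print $2}')
    grep 'sshd.*Accepted' "$1" \
        | sed -n 's/.*Accepted \([a-z]*\) for \([^ ]*\) from \([0-9.]*\) port .*/\3 \2 \1/p' \
        | while read -r ip user method; do
              for f in $failed; do
                  if [ "$f" = "$ip" ]; then
                      echo "$ip $user $method"
                  fi
              done
          done
}

# Usage on a RediGate (path assumed): failed_logins_by_ip /var/log/auth.log
failed_logins_by_ip "$SAMPLE_LOG"
suspicious_successes "$SAMPLE_LOG"
```

On the sample data the first function reports three failures from 203.0.113.5 and one from 198.51.100.23, and the second flags the later successful root login from 203.0.113.5, which is the line that should prompt a password change and a review of what that session did.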


Block Repeated Password Attempts

To hamper brute-force password guessing by attackers or bots, you can add firewall rules that lock out a source address after too many SSH connection attempts in a row. Use the "Custom IPTABLES" option in the Firewall configuration to add several rows, such as in the following example:


The tilde (~) indicates that the row continues on the next row. The window (--seconds 120) and threshold (--hitcount 4) can be adjusted as needed. With --update, the connection being checked counts toward the hitcount, so a hitcount of 4 allows three new SSH connections from one address within 120 seconds and drops the fourth and later ones; because --update also refreshes the address's timestamp on every match, a source that keeps retrying stays locked out. Note that the limit counts TCP connections, not password prompts: a single SSH connection can try several passwords (sshd's MaxAuthTries, 6 by default).

# The following lines block SSH attempts after 3 tries, for 2 minutes
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set ~
 --name SSH
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --update ~
 --seconds 120 --hitcount 4 --rttl --name SSH -j DROP
# NOTE: Do NOT add ppp0 (port 22) into Port Management, only do it here
iptables -A INPUT -p tcp -i ppp0 --dport 22 -j ACCEPT

In addition, set the Firewall "INPUT Policy" to "Drop All Input Packets," and do not include an "ACCEPT Packet" rule for port 22 on the public network in the "Port Management" section of the Firewall configuration. iptables applies the first matching rule, so the ACCEPT for port 22 must come after the DROP row above; an ACCEPT added in Port Management would match before these rows and bypass the limit.
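The script below is an added example, not RediGate or ACE code: it applies the same three rules from a shell (for a RediGate or any Linux host where you have root on the command line rather than the ACE Custom IPTABLES table), adds each rule only if it is not already present, and shows the two checks worth running afterwards: the INPUT chain with line numbers, and the addresses currently tracked in the SSH "recent" list. It assumes iptables with the state and recent match modules, as the page's own rules do, and that the kernel exposes the recent list at /proc/net/xt_recent/SSH (older kernels use /proc/net/ipt_recent instead). The variable and function names are this example's own.

```shell
#!/bin/sh
# Added example (not RediGate code): SSH connection rate limit as a script.
set -e

SSH_PORT="${SSH_PORT:-22}"
WINDOW="${WINDOW:-120}"       # --seconds: lockout window
HITCOUNT="${HITCOUNT:-4}"     # --hitcount: 4th new connection in the window is dropped, 3 allowed
PUBLIC_IF="${PUBLIC_IF:-ppp0}"  # public interface on which SSH is reachable
IPTABLES="${IPTABLES:-iptables}"  # set IPTABLES=echo to print instead of applying

# Print the rules as "chain rule-spec", one per line, in the order they must
# occupy in INPUT: set, update/DROP, then ACCEPT. Order matters because
# iptables stops at the first matching rule.
ssh_ratelimit_rules() {
    printf '%s\n' \
      "INPUT -p tcp --dport $SSH_PORT -m state --state NEW -m recent --set --name SSH" \
      "INPUT -p tcp --dport $SSH_PORT -m state --state NEW -m recent --update --seconds $WINDOW --hitcount $HITCOUNT --rttl --name SSH -j DROP" \
      "INPUT -p tcp -i $PUBLIC_IF --dport $SSH_PORT -j ACCEPT"
}

# Append each rule only when -C (check) reports it is missing, so the script
# can be re-run without duplicating rules.
apply_ssh_ratelimit() {
    ssh_ratelimit_rules | while read -r rule; do
        # shellcheck disable=SC2086  # word splitting of $rule is intended
        if ! $IPTABLES -C $rule 2>/dev/null; then
            $IPTABLES -A $rule
        fi
    done
}

# Verification: the chain as installed, and which sources are being counted.
show_ssh_ratelimit() {
    $IPTABLES -L INPUT -n -v --line-numbers
    if [ -r /proc/net/xt_recent/SSH ]; then
        echo "--- addresses in the SSH recent list ---"
        cat /proc/net/xt_recent/SSH
    fi
}

# Usage: run as root; e.g.  ./ssh_ratelimit.sh  then  show_ssh_ratelimit
if [ "${1:-}" = "apply" ]; then
    apply_ssh_ratelimit
    show_ssh_ratelimit
fi
```

Each entry in /proc/net/xt_recent/SSH lists the source address, its last-seen time and the hit count; an address with four or more hits inside the window is the one being dropped. To release a locked-out address by hand, write "-addr" to that file (for example, echo -203.0.113.5 > /proc/net/xt_recent/SSH).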

...

Configure Firewall

Configuring the firewall is highly recommended for any system, and especially for one on a public network with a static IP address.

See RediGate Firewall Configuration for details on RediGate port usage and setting up firewall rules.

With the firewall, you can:

  • Block or Limit Access to Specific Ports
  • Block or Limit Outbound Connections
  • Block Repeated Password Attempts
  • many other options

Block all SSH, Use VPN Instead

...