Im running virtual box in headless mode, and the way it works is it starts a RDP server on a specified port for you to RDP to. I want to access these virtual machines remotely, so I have forwarded the relevent ports in the modem/router. However this offers no authentication, and will let anyone get straight to the Login screen. Im a bit worried that Ive forgot to lock the screen a couple of times and others have been able to get into my VMs. Logs from the router/modem show connecitons on the RDP ports. Im not too sure how to tell if they were just scans of if they were able to get right through to the desktop (anything i can check in either the guest windows logs or the host linux logs?)
So what I want to do, is some sort of IP based restriction for these RDP ports.
Do i just add the ports and the allowed IP(s) to hosts.allow ? Is it as simple as that? Or do I need to implement IP tables? I dont want to lock down the whole box as I will need to ssh/squid/openvpn in from any random IP
Cheers
Thanks to powdarrmonkey for the aboveCode:robert@oasis ~ $ sudo iptables -A INPUT -p tcp -s IP_ADDRESS_TO_ALLOW --dport 3388:3392 -j ACCEPT robert@oasis ~ $ sudo iptables -A INPUT -p tcp -s ANOTHER_IP_ADDRESS_TO_ALLOW --dport 3388:3392 -j ACCEPT robert@oasis ~ $ sudo iptables -A INPUT -p tcp --dport 3388:3392 -j DROP
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
LinkBack URL
About LinkBacks
Reply With Quote