<p>This document describes a small portion of iptables and how to setup a basic firewall using iptables. There are many huge books on iptables so I cannot go into any sort of detail here. If you want to create a more advanced firewall, then I suggest installing shorewall and reading the documentation <a class="urlLink" href="http://www.shorewall.net/Introduction.html" onclick="window.open(this.href, '_blank'); return false;">http://www.shorewall.net/Introduction.html</a> about setting it up. I generally use shorewall on my systems and configure them using <a class="urlLink" href="http://www.webmin.com/" onclick="window.open(this.href, '_blank'); return false;">http://www.webmin.com/</a>.</p>

<h1 class="heading1" id="toc0">Deny Root Login</h1><a href="#top"><div class="heading_top"></div></a> <p><strong>Never allow root ssh access and make sure all users are disabled except the ones you want, I use KUser KDE User Manager, all users are disabled by default except root and your login username.</strong></p> <ol> <li>Open /etc/ssh/sshd_config</li> <li>There should be a line remmed that says #PermitRootLogin yes, unrem that and change to no</li> </ol> <h1 class="heading1" id="toc1">Different Ports and IPs</h1><a href="#top"><div class="heading_top"></div></a> <p>If your clients do not have SSH access (web hosting for example), a<br /> good way to secure your box is to run SSH on an unknown port and IP, so<br /> that people do not know your SSH port, so can't brute force it.</p>