Discover Network Security News
Sniffing with Net::Cap to stealthily managing iptables rules remotely, Part 1
So the trick was to find a way to dynamically allow inbound SSH access from 'authorized' machines. Since the machines he was going to be connecting from were Windows machines with almost no useful software it was a bit of a trick to find something simple.
Using our 10 minute firewall setup, we had already effectively blocked inbound SSH because the initial SYN packet would always be discarded. What we needed was a simple way to allow those inbound SYN packets for a short window.