Skip to content

Securing ssh by iptables rules

Securing ssh by iptables rules published on No Comments on Securing ssh by iptables rules

I secured my ssh server in simple way – with iptables rules which will be blocking attackers. I setup my iptables in such way, that it is allowing only one tcp syn packet to ssh port per minute from one ip address. With aditional configuration of sshd daemon the rules will allowing for once login attempt per minute.
iptables rules:

/etc/ssh/sshd_config – this is important, with this, sshd will be closing ssh connections after authentication failure, thus attacker will have to create new ssh connection (and tcp connection) to try again. This fact (new syn packet) will by noticed by iptables

You can check the blocked addresses:

This rules very limited strength of attacks on my ssh.

NanoPi NEO as remote SDR server for RTL2832u

NanoPi NEO as remote SDR server for RTL2832u published on No Comments on NanoPi NEO as remote SDR server for RTL2832u

Today I will show how to make remote SDR radio server for RTL2832u dongle with very small and cheap device such as NanoPi NEO.

The main purpose of this is that I want place the NanoPI with RTL dongle and antenna attached to it on remote location – on high building 250 meters far away from my home. I have wireless bridge connecting my home with this place.

Notice: Wireless have to be able to send about 16Mb/s of tcp trafic from NanoPi to PC. 

On NanoPi I installed Armian Linux. After that I was set up rtl_tcp server:
900001 – this is lowest sample-rate which can be used, I used lowest because my wireless bridge wasn’t able to pass more traffic.

The next step was to setup and start gqrx on my home computer:
Notice: Input rate must be the same as set on rtl_tcp server. – this is IP address of my NanoPi.

And now, we can hear everything around us 🙂

Raspberry Pi 2b as a home router with Cisco switch and VLANs

Raspberry Pi 2b as a home router with Cisco switch and VLANs published on 2 Comments on Raspberry Pi 2b as a home router with Cisco switch and VLANs


Some time ago I configured my Raspberry Pi as a home router. Below, in short brief is shown my configuration.

On the Cisco switch, I have created two vlans:
vlan10 – WAN (Internet connection)
vlan20 – LAN (Home network)

The first port of the Cisco switch is connected to the the Internet, and is configured as access port for vlan10. The second port is connected to the Raspberry Pi as trunk port – traffic from vlan10 and vlan20 is tagged on this port. Third port is in access mode and is connected to the home access point.

Network configuration on Raspberry Pi looks as follows:

On eth0 interface I have set address for management purpose in case of problems with access to the Raspberry Pi from vlan’s side. On vlan10 interface I have to set the custom mac address to obtain IP address from my internet provider. Vlan20 with addresses is for my home network.
The rest of my configuration like NAT, dhcp, dns is pretty standard and will not be posted about it here. If you have questions, I will be happy to answer in the comments 🙂

How Raspberry Pi performs as a router on my 100/50 Mb/s internet connection? Quite nicely for a network card supported by USB – which has Raspberry.