Question

I have Kippo running on my VPS, and I can't get it to run under port 1024 due to restrictions in Linux not allowing normal accounts to use ports under 1024. If I try, it gives an error with some Python gibberish about not being able to listen on a port under 1024.

I'd rather not run Kippo as root just in case somehow they get out of the Kippo environment.

So what I'm looking at doing is using IPTables to "Mirror" all traffic going to port 2222 on 22 so that a "bot" can see SSH running on port 22 and do its thing.

Is that feasible? If so, how?


Solution

Use a DNAT rule:

iptables -t nat -A PREROUTING -m tcp -p tcp --dport 22 -j REDIRECT --to-port 2222

You may want to lock down further with specific IP address filters.
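One way to add the source-address filters suggested above, as an added example that is not part of the original answer. It goes one step beyond the answer by also dropping connections made directly to the honeypot port. The function name, the exempt address (a constructed documentation value), and the assumption that exempted sources should still reach the real sshd on port 22 are illustrative.

```shell
#!/bin/sh
# Added example: print the iptables commands for redirecting 22 -> 2222
# with source-address exemptions. Nothing is applied by this script.
# IPv4 only; ports and addresses are constructed sample values.

HONEYPOT_PORT=2222   # port Kippo listens on as an unprivileged user
PUBLIC_PORT=22       # port that scanners will probe

# kippo_rules "<cidr> <cidr> ..."  (hypothetical helper name)
# Emits one iptables command per line, in the order they must be added.
kippo_rules() {
    for src in $1; do
        # The output is meant to be piped to a shell, so reject anything
        # that is not made of digits, dots and a slash.
        case $src in
            *[!0-9./]*) echo "invalid source: $src" >&2; return 1 ;;
        esac
        # Exempt sources are accepted in the nat table before the redirect
        # rule is reached, so their port 22 traffic is left untouched.
        echo "iptables -t nat -A PREROUTING -p tcp -s $src --dport $PUBLIC_PORT -j ACCEPT"
    done
    # Everyone else: rewrite destination port 22 to 2222 on this host.
    echo "iptables -t nat -A PREROUTING -p tcp --dport $PUBLIC_PORT -j REDIRECT --to-ports $HONEYPOT_PORT"
    # Drop clients that dialled 2222 directly. Redirected connections keep
    # 22 as their original destination port in conntrack, so they pass.
    echo "iptables -A INPUT -p tcp --dport $HONEYPOT_PORT -m conntrack --ctorigdstport $HONEYPOT_PORT -j DROP"
}

# PREROUTING is not traversed by connections that originate on the VPS
# itself, so test the redirect from another machine.
kippo_rules "203.0.113.10/32"
```

Review the printed commands, then pipe them to `sh` as root to apply them.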

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow