Is there a built in way to block access to 1471 and ssh 23 to client except those connected to the management WiFi or eth1? Even with a strong password on the gui, we wouldn't want to be P0wned by the very people that we're trying to pentest. No point in letting them know, "yep that's a pineapple." I could also see security scanners looking for 1471.
I'm assuming we can restrict port 1471 usnig IPTABLES or something like that, but I'm curious if there's a built in way to do this using the GUI.
Related,
1) Is there a downside to changing the default subnet from 172.16.42 to something else? I could see that being a red flag to scanners and
2) Is there a way in the GUI to change the subnet?
Thanks