Re: a record?

From: Austin McKinley (no email)
Date: Sat Nov 19 2005 - 19:00:35 EST

  • Next message: Suresh Ramasubramanian: "Re: a record?"

    Or OpenBSD with pf and authpf:

    http://www.openbsd.org/faq/pf/authpf.html

    Austin

    Alexei Roudnev wrote:

    >I said many times - just use non standard port. Number of hackerts who
    >discover this port wil decrease approx 10,000 times, to
    >almost 0 (number).
    >
    >(Of course, except if you are a bank).
    >
    >Other approach exists as well - SecureID on firewall. Login to firewall,
    >authenticate, and have dynamic access list which opens ssh for you (and
    >still keep ssh on port != 22).
    >
    >
    >----- Original Message -----
    >From: "Patrick W. Gilmore" <>
    >To: <>
    >Cc: "Patrick W. Gilmore" <>
    >Sent: Tuesday, November 15, 2005 11:02 AM
    >Subject: Re: a record?
    >
    >
    >
    >
    >>On Nov 15, 2005, at 12:52 PM, Church, Chuck wrote:
    >>
    >>
    >>
    >>>Isn't it just good security practice to limit telnet/SSH access to
    >>>only
    >>>a few choice hosts/subnets? I know I'd never allow the 0/0 net access
    >>>to a signon screen, even if it is SSH. If you're on vacation and need
    >>>to access something, call your NOC, and have them temporarily allow
    >>>your
    >>>dynamic address for SSH. When a hacker finds an open SSH host, they
    >>>think two things - This host is important to someone, and that they
    >>>need
    >>>more doughnuts...
    >>>
    >>>
    >>That is an excellent idea. As soon as I hire a NOC for my personal
    >>boxes, I'll get right on that. But, since I Am Not An Isp, I doubt
    >>that is going to happen soon.
    >>
    >>Remember, not every box on the Internet is supported by a whole
    >>network of resources (physical and human).
    >>
    >>--
    >>TTFN,
    >>patrick
    >>
    >>
    >
    >
    >
    >


  • Next message: Suresh Ramasubramanian: "Re: a record?"





    Hosted Email Solutions

    Invaluement Anti-Spam DNSBLs



    Powered By FreeBSD   Powered By FreeBSD