Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Leaving a door open?

from [Diego Kellner] Network Security [Permanent Link]
Subject: Re: Leaving a door open?
Date: Fri, 27 May 2005 13:31:19 -0300 
Emmanuel,
I've used this in the past and I consider it secure (much more than
leaving FTP open), as long as you keep up to date with your SSH
server, use SSH2 and have a strong password (I'd recommend
certificates if you access your computer from the same clients). SSH
gives you the ability tu tunnel other not-so-secure applications like
VNC, so you can actually have full control of your computer from the
outside.
Changing the port could help prevent automated attacks on SSH (you'll
probably get a few login attempts a week), but wouldn't stop a
determined attacker from finding out where your SSH is running (as
simple as running NMAP -v).
Regards,
Diego

On 5/27/05, Emmanuel Goldstein <goldstein101@gmail.com> wrote:

Hi!

My ISP gives me a static Ip and I was thinking about leaving the SSH
port open so I can access my computer from anywhere since i always
have it switched on.

I have a linux box that is integrated in my home Lan, and a router
with firewall capabilities.

Is this secure??? Note that my admin password is really hard to guess,
so im not concerned about bruteforce attacks.

Should I map ports so instead of opening 22 I access through (eg) 'ssh
-p 7623'. That way is not that obvious i have an open ssh port is, it?

Any other security issues i should be concerned about?
Is this a good idea?
Is it better to just set up an ftp server?


Thanks for your help. Cheers. Bye.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  aretzj.exe -- reappearing unknown system file, Kevin Snively
Next by Date:  Re: Linking Password Length to Write-down probability, Doug . Janelle
Previous by Thread:  Leaving a door open?, Emmanuel Goldstein
Next by Thread:  Re: Leaving a door open?, Gonzalo Martinez
Indexes:  [Date] [Thread] [Top] [All Lists]