Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Leaving a door open?

from [Raphaël Rigo ML] Network Security [Permanent Link]
Subject: Re: Leaving a door open?
Date: Fri, 27 May 2005 19:32:10 +0200
Emmanuel Goldstein wrote: 
Hi!

My ISP gives me a static Ip and I was thinking about leaving the SSH
port open so I can access my computer from anywhere since i always
have it switched on.

I have a linux box that is integrated in my home Lan, and a router
with firewall capabilities.

Is this secure??? Note that my admin password is really hard to guess,
so im not concerned about bruteforce attacks.

Should I map ports so instead of opening 22 I access through (eg) 'ssh
-p 7623'. That way is not that obvious i have an open ssh port is, it?

Any other security issues i should be concerned about?
Is this a good idea?
Is it better to just set up an ftp server?


Thanks for your help. Cheers. Bye. 
Hello,

I would say that leaving ssh open isn't that unsecure, but it depends on the level of security you want. If you update your ssh software when a vulnerability is found, then it should be ok.
Changing the port allows to avoid bruteforce attack but a determined attacker would find it.
If you are REALLY concerned about security, you could setup portknocking to open your ssh, but I think it would be overkill for home use.

My 2 cents,
Raphaël Rigo

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Leaving a door open?, Gonzalo Martinez
Next by Date:  Re: Linking Password Length to Write-down probability, Mark Burnett
Previous by Thread:  Re: Leaving a door open?, Jonathan Loh
Next by Thread:  Re: Leaving a door open?, v3x
Indexes:  [Date] [Thread] [Top] [All Lists]