Re: Leaving a door open?

From: RaphaŽl Rigo ML (ml_at_twilight-hall.net)
Date: 05/27/05

  • Next message: Mark Burnett: "Re: Linking Password Length to Write-down probability"
    Date: Fri, 27 May 2005 19:32:10 +0200
    To: Emmanuel Goldstein <goldstein101@gmail.com>
    
    

    Emmanuel Goldstein wrote:
    > Hi!
    >
    > My ISP gives me a static Ip and I was thinking about leaving the SSH
    > port open so I can access my computer from anywhere since i always
    > have it switched on.
    >
    > I have a linux box that is integrated in my home Lan, and a router
    > with firewall capabilities.
    >
    > Is this secure??? Note that my admin password is really hard to guess,
    > so im not concerned about bruteforce attacks.
    >
    > Should I map ports so instead of opening 22 I access through (eg) 'ssh
    > -p 7623'. That way is not that obvious i have an open ssh port is, it?
    >
    > Any other security issues i should be concerned about?
    > Is this a good idea?
    > Is it better to just set up an ftp server?
    >
    >
    > Thanks for your help. Cheers. Bye.
    Hello,

    I would say that leaving ssh open isn't that unsecure, but it depends on
    the level of security you want. If you update your ssh software when a
    vulnerability is found, then it should be ok.
    Changing the port allows to avoid bruteforce attack but a determined
    attacker would find it.
    If you are REALLY concerned about security, you could setup portknocking
    to open your ssh, but I think it would be overkill for home use.

    My 2 cents,
    RaphaŽl Rigo


  • Next message: Mark Burnett: "Re: Linking Password Length to Write-down probability"

    Relevant Pages

    • Re: Secure file transfer from unix to windows
      ... But the difference in security between leaving an ... about them to use system call tracer or use a trojan horse to capture ... With everyone can modify and build up SSH ... will not be able to temper the certificate. ...
      (comp.security.ssh)
    • Re: Secure file transfer from unix to windows
      ... But the difference in security between leaving an ... > about them to use system call tracer or use a trojan horse to capture ... With everyone can modify and build up SSH ... > will not be able to temper the certificate. ...
      (comp.security.ssh)
    • Leaving a door open?
      ... My ISP gives me a static Ip and I was thinking about leaving the SSH ... Note that my admin password is really hard to guess, ...
      (Security-Basics)
    • Re: [Full-disclosure] Why Vulnerability Databases cant do everything
      ... best to relegate programming to a ... is a big difference between these two views of information security. ... but not nearly as important as designing secure systems. ... My favorite example to illustrate this point - ssh. ...
      (Bugtraq)
    • RE: Linux hacked
      ... Also, what exactly did the history file show, can you paste it into a mail ... > First let me say I'm a security novice. ... > been unsuccessful in getting root back. ... > via ssh but you could su in once logged in as one of three users. ...
      (Security-Basics)