Re: What can I do about breakin attempts?
- From: Ertugrul Soeylemez <never@xxxxxxxxxxxxxx>
- Date: Mon, 27 Feb 2006 05:18:55 +0100
ibuprofin@xxxxxxxxxxxxxxxxxxxxxx (Moe Trin) (06-02-26 18:15:40):
> By restricting the allowed IP addresses, and/or moving the service to
> an uncommon port number, I don't see these attempts. The bottom line
> answer is "what works for you".
>
> I'm a networking guy, not a crypto student. Blocking/moving comes to
> my mind as the quickest solution. There is nothing to prevent
> combining these techniques, nor is there much in choice of one over
> the other. Actually, what I'm looking at right now is a port-knocking
> solution as an alternative to restricting the IP range, though still
> using random destination port numbers.
Still, isn't it much better to make brute-forcing (practically)
impossible? If you're a network guy, then you should know that keys are
not just more secure, but also much easier to manage/handle; one single
key for every machine you want to connect to -- without security risks.
However, your non-standard port approach will keep arbitrary
script-kiddies away, but not a 'real' attacker. He will find the port,
and he will also discover your knockd secret, if he has some good reason
to break into your system.
Regards.
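
The exchange above contrasts moving the service to an uncommon port with key-based authentication. As an added example (not part of the original message, and assuming the service is OpenSSH's sshd), this audit reads an sshd_config text and reports whether password guessing is still possible regardless of the port; the two sample configurations are constructed, and `parse_global` and `audit` are hypothetical helper names.

```python
import re

# Constructed sample: service moved to an uncommon port, passwords left at defaults.
MOVED_PORT = "Port 22022\nPermitRootLogin no\n"
# Constructed sample: standard port, key-only authentication.
KEYS_ONLY = ("Port 22\nPubkeyAuthentication yes\n"
             "PasswordAuthentication no\nKbdInteractiveAuthentication no\n")

# OpenSSH defaults, used when a keyword is absent from the file.
DEFAULTS = {"passwordauthentication": "yes",
            "kbdinteractiveauthentication": "yes",
            "pubkeyauthentication": "yes"}
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}


def parse_global(text):
    """Global settings only. Simplification: Include files and Match blocks
    are not evaluated; parsing stops at the first Match line."""
    seen, ports = {}, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()
        value = parts[1].strip() if len(parts) > 1 else ""
        if key == "match":
            break
        if key == "port":
            ports.append(value)          # Port may be given several times
        else:
            # sshd keeps the first value it reads for a keyword
            seen.setdefault(ALIASES.get(key, key), value.lower())
    return {**DEFAULTS, **seen, "port": ports or ["22"]}


def audit(text):
    """Report whether password guessing is still possible on this config."""
    s = parse_global(text)
    guessable = [k for k in ("passwordauthentication",
                             "kbdinteractiveauthentication") if s[k] == "yes"]
    return {"ports": s["port"],
            "nonstandard_port": "22" not in s["port"],
            "password_guessing_possible": bool(guessable),
            "guessable_methods": guessable,
            "keys_enabled": s["pubkeyauthentication"] == "yes"}


if __name__ == "__main__":
    for name, cfg in (("moved port", MOVED_PORT), ("keys only", KEYS_ONLY)):
        print(name, audit(cfg))
```

On a live host, the output of `sshd -T` is the better input for a check like this, since it reflects the effective configuration rather than a single file.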