Subject: Re: [gentoo-user] Reaching my network over the internet
From: Heinz Sporn
To: gentoo-user@lists.gentoo.org
Date: Mon, 17 Oct 2005 06:52:46 +0200
Message-Id: <1129524766.10175.8.camel@spok.local.sporn-it.com>
In-Reply-To: <200510162127.23179.dnebinger@joat.com>
References: <49bf44f10510160959n7407c97bj882784795fa2a9e8@mail.gmail.com> <20051017141649.8FB0.NICK@rout.co.nz> <200510162127.23179.dnebinger@joat.com>

On Sunday, 16.10.2005, 21:27 -0400, Dave Nebinger wrote:
> On Sunday 16 October 2005 09:18 pm, Nick Rout wrote:
> > no, you just type:
> >
> > ssh my.network.com
> >
> > Depending on your setup you will probably need to set your
> > firewall/router to forward port 22 to the machine you want to log into.
> > Also make sure your ssh server is set up securely.
>
> This last statement really needs to be highlighted for all of the newbies out
> there...
>
> Just opening port 22 will expose your system to attempted break-ins. If you
> look at your authorize.log (or relevant log depending upon your syslog
> config), you'll see after a couple of days different systems accessing ssh and
> trying to log in as root and/or other users.

Just wanted to second that strongly. I'm hooking up firewalls to the net
pretty much on a daily basis. The average time it takes until the first
random port scan hits a brand new box is 15 seconds - at least within the
areas my customers reside. BTW my highscore is 2 seconds ;-)

So running SSH on high ports plus using RSA for me is pretty much a must.

Anyway - the preferred way to remotely access a box should be via VPN IMHO.

> Unless you really feel comfortable with your own security infrastructure, your
> best bet is to edit your /etc/ssh/sshd_config file and change the port number
> to only something you'd think of in the higher range of port numbers.
>
> It will still be open, you'll still be able to hit the box from anywhere
> outside your network, but the different port number ensures that random port
> scans and break-in attempts will be significantly lower than if you just tried
> to use standard port #22.

-- 
Kind regards
Heinz Sporn

SPORN it-freelancing
Mobile: ++43 (0)699 / 127 827 07
Email: heinz.sporn@sporn-it.com
       heinz.sporn@utanet.at
Website: http://www.sporn-it.com
Snail: Steyrer Str. 20
       A-4540 Bad Hall
       Austria / Europe

-- 
gentoo-user@gentoo.org mailing list
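The sshd_config changes the thread recommends (non-default port, no root login, key-based rather than password login) can be checked with a small script. The following is an added example, not code from the thread or from any poster; both sample configs are constructed, and the default values it assumes for absent keywords are an assumption matching older OpenSSH releases.

```sh
#!/bin/sh
# Added example (not from the thread): audit an sshd_config for the settings
# the thread discusses. Both configs are constructed samples; the defaults
# passed to sshd_value are assumptions matching older OpenSSH releases.

# Print the effective value of a keyword: sshd uses the FIRST uncommented
# occurrence, so stop at the first match; print the default ($3) if absent.
sshd_value() {
    awk -v key="$2" -v def="$3" '
        $1 ~ /^#/ || NF < 2 { next }
        tolower($1) == tolower(key) { print $2; found = 1; exit }
        END { if (!found) print def }' "$1"
}

# Print one line per weak setting in the config file given as $1.
sshd_findings() {
    if [ "$(sshd_value "$1" Port 22)" = 22 ]; then
        echo "Port 22: default port, every random scan will find it"
    fi
    if [ "$(sshd_value "$1" PermitRootLogin yes)" = yes ]; then
        echo "PermitRootLogin yes: root is the account scanners try first"
    fi
    if [ "$(sshd_value "$1" PasswordAuthentication yes)" = yes ]; then
        echo "PasswordAuthentication yes: password guessing stays possible"
    fi
    if [ "$(sshd_value "$1" PubkeyAuthentication yes)" = no ]; then
        echo "PubkeyAuthentication no: key-based (RSA) login is disabled"
    fi
}

# Constructed sample 1: stock settings, port line commented out so 22 applies.
WEAK_CONF=$(mktemp)
cat > "$WEAK_CONF" <<'EOF'
#Port 22
PermitRootLogin yes
PasswordAuthentication yes
EOF

# Constructed sample 2: the thread's advice applied (23422 is an arbitrary high port).
HARD_CONF=$(mktemp)
cat > "$HARD_CONF" <<'EOF'
Port 23422
PermitRootLogin no
PubkeyAuthentication yes
PasswordAuthentication no
EOF

echo "== weak =="; sshd_findings "$WEAK_CONF"
echo "== hardened =="; sshd_findings "$HARD_CONF"
```

Match blocks are not handled, so run it against the global section of the file only.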