From: Nick Rout <nick@rout.co.nz>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Reaching my network over the internet
Date: Mon, 17 Oct 2005 15:21:20 +1300 [thread overview]
Message-ID: <20051017152014.8FB9.NICK@rout.co.nz> (raw)
In-Reply-To: <200510162127.23179.dnebinger@joat.com>
On Sun, 16 Oct 2005 21:27:22 -0400
Dave Nebinger wrote:
> On Sunday 16 October 2005 09:18 pm, Nick Rout wrote:
> > no, you just type:
> >
> > ssh my.network.com
> >
> > Depending on your setup you will probably need to set your
> > firewall/router to forward port 22 to the machine you want to log into.
> > Also make sure your ssh server is set up securely.
>
> This last statement really needs to be highlighted for all of the newbies out
> there...
>
> Just opening port 22 will expose your system to attempted break-ins. If you
> look at your authorize.log (or relevant log depending upon your syslog
> config), you'll see after a couple of days different systems accessing ssh an
> trying to log in as root and/or other users.
>
> Unless you really feel comfortable with your own security infrastructure, your
> best bet is to edit your /etc/ssh/sshd_config file and change the port number
> to only something you'd think of in the higher range of port numbers.
Yes or just leave it where it is on that box and get your firewall to
forward your high port to port 22 on the machine you want to log into.
>
> It will still be open, you'll still be able to hit the box from anywhere
> outside your network, but the different port number ensures that random port
> scans and breakin attempts will be significantly lower than if you just tried
> to use standard port #22.
> --
> gentoo-user@gentoo.org mailing list
--
Nick Rout <nick@rout.co.nz>
--
gentoo-user@gentoo.org mailing list
next prev parent reply other threads:[~2005-10-17 2:26 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-10-16 16:59 [gentoo-user] Reaching my network over the internet Grant
2005-10-16 17:16 ` [gentoo-user] " Gabriel M. Beddingfield
2005-10-16 18:01 ` Grant
2005-10-16 18:13 ` John Jolet
2005-10-16 20:44 ` Jonathan Wright
2005-10-17 0:32 ` John Jolet
2005-10-17 8:09 ` Jonathan Wright
2005-10-20 15:37 ` Grant
2005-12-29 23:23 ` Ryan Viljoen
2005-10-17 1:18 ` [gentoo-user] " Nick Rout
2005-10-17 1:27 ` Dave Nebinger
2005-10-17 2:21 ` Nick Rout [this message]
2005-10-17 4:52 ` Heinz Sporn
2005-10-17 8:03 ` Neil Bothwick
2005-12-29 17:28 ` Grant
2005-12-29 20:19 ` Stroller
2005-12-29 21:51 ` Robin
2005-12-29 22:30 ` Grant
2005-12-29 22:42 ` Stroller
2005-12-29 23:13 ` Grant
2005-12-29 23:18 ` Grant
2005-12-30 0:16 ` Stroller
2005-12-29 23:26 ` Ryan Viljoen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20051017152014.8FB9.NICK@rout.co.nz \
--to=nick@rout.co.nz \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox