| 1 |
Pe data de Luni 06 Decembrie 2004 23:42, Luigi Pinna a scris: |
| 2 |
> Alle 22:28, lunedì 06 dicembre 2004, Adrian CAPDEFIER ha scritto: |
| 3 |
> > is he doing that using ssh? If your computer is not a public server |
| 4 |
> > where people expect to connect on port 22 then you can alter the port |
| 5 |
> > to say 2222. One of the best security measures around :). You could |
| 6 |
> > also disable password logins and go for key-based authentification |
| 7 |
> > (assuming this doesn't restrict you in some way) |
| 8 |
> > |
| 9 |
> > Good luck. |
| 10 |
> > |
| 11 |
> > Adi. |
| 12 |
> |
| 13 |
> No, my computer is not a public server, I can change the listen port; |
| 14 |
> I'd use key and password: usually I connect from the same machine. |
| 15 |
> I want to do that: a rda key from the host allows to connect to the ssh |
| 16 |
> server and after the usual authentication. |
| 17 |
> Now I try to install a firewall and after that I'd do that. |
| 18 |
> Is it complicated? |
| 19 |
> In this moment I try to learn about firewall-kernel-2.6 modules... |
| 20 |
> Thanks, |
| 21 |
> Luigi |
| 22 |
|
| 23 |
A firewall is a must for every putter connected to the Internet IMO. If you |
| 24 |
install one you can allow access on port 22 to only some hosts and deny to |
| 25 |
everyone else (or the other way arround). |
| 26 |
Alternatively if you're feeling devilish and bored you could also install a |
| 27 |
traffic shaper and make the incomming speed on port 22 (except for some |
| 28 |
hosts) to 1B/s >:) |
| 29 |
|
| 30 |
If you want I can e-mail to you a version of my script used for neghibourhood |
| 31 |
routing that I use to protect my personal computer. |
| 32 |
|
| 33 |
Adi. |
| 34 |
|
| 35 |
-- |
| 36 |
gentoo-user@g.o mailing list |
Archives