Wednesday, July 20, 2011

Re: [BLUG] How many of you run home servers?

Speaking of "knocking at the door"... for the person who wants access to their server from random locations... there are "port knocking" solutions where your SSH port (whatever the port number) is normally locked, but if you try to hit port A, B, and C (where A, B, and C are arbitrary closed ports) in quick succession the port opens -- but only for a brief period of time (and maybe only for that IP).

I forget the product, but there's (I think) a product to do this in the standard Debian/Ubuntu repos.

Personally, I have an SSH client (and a public key) on my cell phone. I must note that my primary requirement for a cell phone was a decent SSH client.

Cheers,
Steven Black

On Jul 20, 2011 5:10 PM, "Jeremy L. Gaddis" <jlgaddis@gnu.org> wrote:
> David Ernst <david.ernst@davidernst.net> wrote:
>> I didn't realize that these brute force attempts were so common. Had
>> to go check and see if I was getting hit with such attempts. Indeed,
>> I am. About 1500 failed attempts in the last month. As Jeremy says,
>
> [...]
>
>> I supposed using a non-standard port would keep your log files
>> cleaner, but I don't know that it really makes you any more secure.
>
> More secure? Not necessarily but, for comparison, in the last 30 days I
> see exactly zero failed attempts against SSH on a box at home (with sshd
> running on a high port). Obviously it would only take one attempt if
> the attacker guessed the right username and password, but I certainly
> have a lot less people "knocking on the door".
>
> Somebody will chime in that running sshd on a high random port is
> "security by obscurity", but I don't agree with that.
>
> --
> Jeremy L. Gaddis

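The port-knocking behaviour described in the message above, modelled as a small per-IP state machine and replayed over constructed connection events. This is an added example, not part of the original thread and not the code of any particular knocking product. The knock ports, SSH port, timeout and open window are assumed values chosen for illustration.

```python
from dataclasses import dataclass, field

KNOCK_SEQUENCE = (7000, 8000, 9000)  # assumed ports A, B, C (normally closed)
SSH_PORT = 22        # assumed; the thread allows any port number
SEQ_TIMEOUT = 5.0    # assumed: seconds allowed from first knock to last
OPEN_WINDOW = 30.0   # assumed: seconds SSH stays open for the knocking IP


@dataclass
class KnockGate:
    progress: dict = field(default_factory=dict)    # ip -> (next index, first knock time)
    open_until: dict = field(default_factory=dict)  # ip -> time the opening expires

    def packet(self, ts, ip, port):
        """Return True if a connection attempt from ip to port is accepted."""
        if port == SSH_PORT:
            # SSH is reachable only for an IP that knocked, and only briefly.
            return ts <= self.open_until.get(ip, -1.0)
        idx, start = self.progress.get(ip, (0, ts))
        if idx and ts - start > SEQ_TIMEOUT:
            idx, start = 0, ts                      # too slow: start over
        if port == KNOCK_SEQUENCE[idx]:
            idx += 1
            if idx == len(KNOCK_SEQUENCE):          # full sequence seen in time
                self.open_until[ip] = ts + OPEN_WINDOW
                self.progress.pop(ip, None)
            else:
                self.progress[ip] = (idx, start)
        elif port == KNOCK_SEQUENCE[0]:
            self.progress[ip] = (1, ts)             # wrong step, but a fresh first knock
        else:
            self.progress.pop(ip, None)             # wrong port resets the sequence
        return False                                # knock ports never accept


def replay(events):
    """Feed (timestamp, source_ip, dest_port) tuples through one gate."""
    gate = KnockGate()
    return [gate.packet(*e) for e in events]


# Constructed events; addresses come from the documentation ranges.
EVENTS = [
    (0.0, "198.51.100.7", 22),     # no knock: SSH closed
    (1.0, "203.0.113.5", 7000), (1.5, "203.0.113.5", 8000), (2.0, "203.0.113.5", 9000),
    (3.0, "203.0.113.5", 22),      # inside the window: accepted
    (3.5, "198.51.100.7", 22),     # opening applies only to the knocking IP
    (40.0, "203.0.113.5", 22),     # window expired
    (50.0, "198.51.100.7", 7000), (58.0, "198.51.100.7", 8000), (58.5, "198.51.100.7", 9000),
    (59.0, "198.51.100.7", 22),    # knocks were too slow: still closed
]
```
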