Re: Leaving a door open?

[Robert Perriero <ssgsa () mail montclair edu>]

SSH isn't a bad service to leave open, but you need to stay on top of
security updates. A non-standard port is a very good idea. It won't stop
a really determined attacker but it will stop 99% of the port scanning /
bruteforcing attempts that you will see on a regular basis. Also, FTP?
If you open SSH to the world, no need for FTP, just use scp/sftp client
to transfer files.

Robert Perriero
Montclair State University

On Fri, 2005-05-27 at 08:02 +0200, Emmanuel Goldstein wrote:
> Hi!
>
> My ISP gives me a static Ip and I was thinking about leaving the SSH
> port open so I can access my computer from anywhere since i always
> have it switched on.
>
> I have a linux box that is integrated in my home Lan, and a router
> with firewall capabilities.
>
> Is this secure??? Note that my admin password is really hard to guess,
> so im not concerned about bruteforce attacks.
>
> Should I map ports so instead of opening 22 I access through (eg) 'ssh
> -p 7623'. That way is not that obvious i have an open ssh port is, it?
>
> Any other security issues i should be concerned about?
> Is this a good idea?
> Is it better to just set up an ftp server?
>
>
> Thanks for your help. Cheers. Bye.