Security Basics mailing list archives

Re: Leaving a door open?

From: Raphaël Rigo ML <ml () twilight-hall net>
Date: Fri, 27 May 2005 19:32:10 +0200

Emmanuel Goldstein wrote:

Hi!

My ISP gives me a static Ip and I was thinking about leaving the SSH
port open so I can access my computer from anywhere since i always
have it switched on.

I have a linux box that is integrated in my home Lan, and a router
with firewall capabilities.

Is this secure??? Note that my admin password is really hard to guess,
so im not concerned about bruteforce attacks.

Should I map ports so instead of opening 22 I access through (eg) 'ssh
-p 7623'. That way is not that obvious i have an open ssh port is, it?

Any other security issues i should be concerned about?
Is this a good idea?
Is it better to just set up an ftp server?


Thanks for your help. Cheers. Bye.

Hello,

I would say that leaving ssh open isn't that unsecure, but it depends onthe level of security you want. If you update your ssh software when avulnerability is found, then it should be ok.Changing the port allows to avoid bruteforce attack but a determinedattacker would find it.If you are REALLY concerned about security, you could setup portknockingto open your ssh, but I think it would be overkill for home use.


My 2 cents,
Raphaël Rigo

Current thread:

Leaving a door open? Emmanuel Goldstein (May 27)
- Re: Leaving a door open? Diego Kellner (May 30)
- Re: Leaving a door open? Gonzalo Martinez (May 30)
  - Re: Leaving a door open? Jonathan Loh (May 31)
- Re: Leaving a door open? Raphaël Rigo ML (May 30)
- Re: Leaving a door open? v3x (May 30)
- Re: Leaving a door open? Robert Perriero (May 30)
- Re: Leaving a door open? slashboot (May 30)
- Re: Leaving a door open? Ashish Popli (May 30)
- Re: Leaving a door open? J0ck3r (May 30)
  - Re: Leaving a door open? Emmanuel Goldstein (May 30)
- Re: Leaving a door open? SandEr (May 30)
- <Possible follow-ups>
- Re: Leaving a door open? Nobody Special (May 30)