 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
On Thu, Aug 31, 2006 at 12:41:24PM -0400, Larry Underhill wrote: > slightly OT: what are the general practices folks that folks take to > secure the "public" services on their home boxen? I have ssh and http > available. My home box has ssh open. The steps I have taken to secure it: * Ensure that all applicable security updates are applied, * Use strong passwords. I have no problem remembering them (hell, I still remember the 17-character VIN of my first car), and it is highly improbably that someone will guess it within a reasonable period of time. There is no elaborate firewall system in place, just good old tcpwrappers. The one and only IP in /etc/hosts.deny is a host that tried to login via ssh several thousand times. It was added not because I was concerned that he/she/it would eventually succeed, but because I was tired of hearing all the hard drive activity. This strategy is not immune to someone installing a keylogger on a system I login from. So eventually I plan to have individual ssh keys on each host I normally use, each with a unique passphrase. This creates a framework whereby there is far greater partition-ability and flexibility to implement further measures. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
