possible hacking?

Ward Vandewege ward at pong.be
Wed Jan 25 08:49:40 EST 2006


On Wed, Jan 25, 2006 at 08:36:07AM -0500, Rich Braun wrote:
> There are a variety of countermeasures you can install to prevent future
> attempts but the general rule is to disable all unnecessary applications.  If
> you don't use sshd to get access from outside:  install a firewall and block
> port 22.  If you don't need to compile programs, deinstall gcc or render it
> inoperative.

Also; make /tmp a separate partition, and mount it noexec. Consider
chroot'ing particularly dangerous services, for instance Apache (dangerous
because users can install/run unsafe scripts, Apache's codebase itself is
quite good).

> I also have discovered there is more "security in obscurity" than many experts
> think. By moving sshd to a high-numbered port (instead of 22) I see no
> break-in attempts at all on my system--over a period of years--vs the
> more-typical several dozen per day if you leave port 22 visible.

Yes, same observation here. But this might only be a matter of time.

Ward.

-- 
Pong.be         -(   Economic advantage is not in and of itself a valid    )-
Virtual hosting -( purpose or justification for copyright or patent laws.  )-
http://pong.be  -(                                                         )-
GnuPG public key: http://gpg.dtype.org



More information about the Discuss mailing list