Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Attack from a reserved address

On Thu, Aug 31, 2006 at 12:41:24PM -0400, Larry Underhill wrote:
> slightly OT: what are the general practices folks that folks take to
> secure the "public" services on their home boxen? I have ssh and http
> available. 

My home box has ssh open. The steps I have taken to secure it:

* Ensure that all applicable security updates are applied,
* Use strong passwords. I have no problem remembering them (hell, I
still remember the 17-character VIN of my first car), and it is
highly improbably that someone will guess it within a reasonable
period of time.

There is no elaborate firewall system in place, just good old
tcpwrappers. The one and only IP in /etc/hosts.deny is a host that
tried to login via ssh several thousand times. It was added not
because I was concerned that he/she/it would eventually succeed, but
because I was tired of hearing all the hard drive activity.

This strategy is not immune to someone installing a keylogger on a
system I login from. So eventually I plan to have individual ssh keys
on each host I normally use, each with a unique passphrase. This
creates a framework whereby there is far greater partition-ability and
flexibility to implement further measures.

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /