[CentOS] I appear to be attacking others

Wed Feb 8 14:14:47 UTC 2006
Johnny Hughes <mailing-lists at hughesjr.com>

On Tue, 2006-02-07 at 21:08 -0500, ryan wrote:
> On Tuesday 07 February 2006 11:41 am, James Gagnon wrote:
> > But then again... one has to wonder how secure remote desktop for
> > windows really is... guess it's a win/lose situation =)
> 
> Not as secure as SSH....but I definitely think you are on to something.
> 
> An interesting solution is to have a really locked down but low-end machine 
> (p2/64 MB RAM) on your LAN that serves one purpose - to be an SSH server. 
> 
> Strip the software on this box to SSH and not much else. Set up some firewall 
> rules that deny access to nearly everything but the SSH ports. Run sshd on an 
> oddball port. Deny root logins.
> 
> Restrict all SSH traffic on your server to the SSH server machine on your LAN. 
> Authenticate via host keys, not password.
> 
> If you are REALLY paranoid, turn off the SSH server when you are on your LAN. 
> To break in, an attacker will need to:
> 1. Guess the SSH port.
> 2. Guess when you are not on the LAN (when you are home, you've probably 
> powered down the SSH box).
> 3. Guess or bruteforce the SSH password.

If you turn off passwords and only connect via keys ... they would have
to get your private key.

> 4. Once inside, execute some hack to get root privileges.
> 5. Guess what the machine is actually used for (SSH gateway to real server).


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.centos.org/pipermail/centos/attachments/20060208/e580fd6c/attachment-0005.sig>