[CentOS] I appear to be attacking others

Wed Feb 8 02:08:07 UTC 2006
ryan <ryanag at zoominternet.net>

On Tuesday 07 February 2006 11:41 am, James Gagnon wrote:
> But then again... one has to wonder how secure remote desktop for
> windows really is... guess it's a win/lose situation =)

Not as secure as SSH....but I definitely think you are on to something.

An interesting solution is to have a really locked down but low-end machine 
(p2/64 MB RAM) on your LAN that serves one purpose - to be an SSH server. 

Strip the software on this box to SSH and not much else. Set up some firewall 
rules that deny access to nearly everything but the SSH ports. Run sshd on an 
oddball port. Deny root logins.

Restrict all SSH traffic on your server to the SSH server machine on your LAN. 
Authenticate via host keys, not password.

If you are REALLY paranoid, turn off the SSH server when you are on your LAN. 
To break in, an attacker will need to:
1. Guess the SSH port.
2. Guess when you are not on the LAN (when you are home, you've probably 
powered down the SSH box).
3. Guess or bruteforce the SSH password.
4. Once inside, execute some hack to get root privileges.
5. Guess what the machine is actually used for (SSH gateway to real server).