North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Telco's write best practices for packet switchingnetworks

  • From: Rob Pickering
  • Date: Wed Mar 06 12:30:15 2002

--On 06 March 2002 15:04 +0000 "Christopher L. Morrow" <[email protected]> wrote:
Eric's point was you deploy your fancy-dan mail server with ONLY 22
and 25 listening,
Um, that would be "ONLY port 25 listening" on it's public network facing interface wouldn't it.

Why would you want to expose a management protocol like ssh to the Internet?

OK so leaving ssh open is convenient, but if we are talking best practice surely having your remote management protocols running on a separate network, or at the very least filtering on a host basis so that it's only listening to connects from your NOC has to be the way to do this.