North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical RE: a record?
Isn't it just good security practice to limit telnet/SSH access to only a few choice hosts/subnets? I know I'd never allow the 0/0 net access to a signon screen, even if it is SSH. If you're on vacation and need to access something, call your NOC, and have them temporarily allow your dynamic address for SSH. When a hacker finds an open SSH host, they think two things - This host is important to someone, and that they need more doughnuts... Chuck -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Frank Louwers Sent: Tuesday, November 15, 2005 3:03 AM To: [email protected] Subject: Re: a record? On Tue, Nov 15, 2005 at 12:01:00AM +0100, Peter Dambier wrote: > > Moving sshd from port 22 to port 137, 138 or 139. Nasty eh? don't do that! Lots of (access) isps around the world (esp here in Europe) block those ports (in and out), so if you ever need emergency access to your system from a network you don't know, you'll find yourself blocked. Kind Regards, Frank Louwers -- Openminds bvba www.openminds.be Tweebruggenstraat 16 - 9000 Gent - Belgium
|