North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: a record?

  • From: Patrick W. Gilmore
  • Date: Tue Nov 15 14:03:59 2005

On Nov 15, 2005, at 12:52 PM, Church, Chuck wrote:

Isn't it just good security practice to limit telnet/SSH access to only
a few choice hosts/subnets? I know I'd never allow the 0/0 net access
to a signon screen, even if it is SSH. If you're on vacation and need
to access something, call your NOC, and have them temporarily allow your
dynamic address for SSH. When a hacker finds an open SSH host, they
think two things - This host is important to someone, and that they need
more doughnuts...
That is an excellent idea. As soon as I hire a NOC for my personal boxes, I'll get right on that. But, since I Am Not An Isp, I doubt that is going to happen soon.

Remember, not every box on the Internet is supported by a whole network of resources (physical and human).