Telnet Server

[Bosco]

Just a FYI: You should change the default telnet and SSHD ports if you are using these services. By changing the port number to a port that only you know, will help keep down the probes to your server and automated/scripted worms/exploits on the prowl.

 

Another thing to increase security, if using SSHD use Protocol 2 instead of 1 - its more secure.

 

Also, if at all possible setup firewall rules so that only YOUR ip can have access to the telnet/sshd port. This is only helpful when you have a static IP address.

 

In your SSHD config put: PermitRootLogin no

 

This will stop the root user from logging in directly. You must first login as another user, then su to root. This makes it harder for someone to get into your system. They must get the passwords for both a regular user and the root user in order to login to your server remotely.

 

I could go on forever.. but I'll have a security handbook coming out soon on OCC - you may want to check it out when its posted

[aaronamd]

I know about changing port numbers but restricting the IP address is impossible because the school hass a dynamic with REALLY sh|tty 512k dsl shared with a FULL subnet of computers!

 

basically I'm trying to make the internet from my house come through the ssh tunnel and on to the computer I'm using, if their is an easier way please let me know.

thanks for the protocol info and info everything you guys have provided, when I had a website I coudent even access it becuase it had no "educational" value.