Bosco Posted July 15, 2005 Posted July 15, 2005 Just a FYI: You should change the default telnet and SSHD ports if you are using these services. By changing the port number to a port that only you know, will help keep down the probes to your server and automated/scripted worms/exploits on the prowl. Another thing to increase security, if using SSHD use Protocol 2 instead of 1 - its more secure. Also, if at all possible setup firewall rules so that only YOUR ip can have access to the telnet/sshd port. This is only helpful when you have a static IP address. In your SSHD config put: PermitRootLogin no This will stop the root user from logging in directly. You must first login as another user, then su to root. This makes it harder for someone to get into your system. They must get the passwords for both a regular user and the root user in order to login to your server remotely. I could go on forever.. but I'll have a security handbook coming out soon on OCC - you may want to check it out when its posted Share this post Link to post Share on other sites More sharing options...
aaronamd Posted July 15, 2005 Posted July 15, 2005 I know about changing port numbers but restricting the IP address is impossible because the school hass a dynamic with REALLY sh|tty 512k dsl shared with a FULL subnet of computers! basically I'm trying to make the internet from my house come through the ssh tunnel and on to the computer I'm using, if their is an easier way please let me know. thanks for the protocol info and info everything you guys have provided, when I had a website I coudent even access it becuase it had no "educational" value. Share this post Link to post Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now