Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] remote access to server
- Date: Sat, 3 Jun 2017 10:27:19 -0300
- From: "SCHWARTZ, Fernando G." <fgs@example.com>
- Subject: Re: [tlug] remote access to server
- References: <1a3aa51d-c95d-a22e-3d3d-4e931f4bfd38@me.scn-net.ne.jp>
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:49.0) Gecko/20100101 Firefox/49.0 SeaMonkey/2.46
Kevin Sullivan wrote:
Port :22 is now closed before they get around to guessing my non-root super-user name and pw.
Won't happen here. This is a puny " guessing work ". ... Unless you ever used your admin user credentials elsewhere, of course.
What methods allow relatively secure remote login for admin purposes from outside the local lan? Noobie here on the finer points of sysadmin and running a webserver from home open to the big bad world out there.
Our colleagues here mention some of the direct measures you can go down top to bottom depending on how the attacker is really capable of compromising your system, but in this scenario, a combination of unique admin credentials plus " fail2ban " feature in place and the " allowrootlogin " config to your SSHD service set to " no " makes it impractical.
Changing default port number is not only an overkill but can lead to having no access at all from systems/networks only allowing traffic from established ports.
Best,
- References:
- [tlug] remote access to server
- From: Kevin Sullivan
- [tlug] remote access to server
- Prev by Date: Re: [tlug] remote access to server
- Next by Date: Re: [tlug] remote access to server
- Previous by thread: Re: [tlug] remote access to server
- Next by thread: Re: [tlug] remote access to server
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |