On Fri, Apr 06, 2001 at 10:39:47AM -0700, Eric N. Valor wrote:
<snip>
> Well, most folks like to connect to the Web, so port 80 is a must for that
> (it's 2-way on the same port). 53 is required only if you're running BIND

Is that true? I only block *incoming* port 80, but I'm still able to surf the
web. Remember that when your browser talks to the web server, it will be using
a normal (i.e. > 1023) port locally, not port 80.

> so other servers can make information requests. But I warned about SSH
> because unless you're checking logs or have some other reporting system
> it's a way for someone to brute-force into your system. I've seen way too
> many bad username/password combinations and quite a lack of vigilance to
> not put up a warning. Also, there was an exploit put out on BugTraq a

If you set "PasswordAuthentication no" in /etc/ssh/sshd_config, then even
brute-force hacking of passwords will fail.

> while ago regarding SSH-1. I use ssh on my external systems, but only
> where the security requirement is medium-low. Even then I make it a point
> to keep my eye on the logs. And an IDS isn't a bad idea, either.
>

--
Karl E. Jørgensen
karl@jorgensen.com
www.karl.jorgensen.com
==== Today's fortune:
I have hardly ever known a mathematician who was capable of reasoning.
    -- Plato
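An added example, not part of the original message: a small audit of sshd_config text that checks whether the "PasswordAuthentication no" setting discussed above actually closes off password logins. The function names and the sample configuration are constructed for illustration, the defaults are assumed to be upstream OpenSSH's, and Include files are not followed.

```python
import re

# Upstream OpenSSH defaults (assumption: the distribution has not changed them).
DEFAULTS = {"passwordauthentication": "yes",
            "kbdinteractiveauthentication": "yes", "usepam": "no"}
# ChallengeResponseAuthentication is the older name for the same option.
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}
LINE = re.compile(r"^([^\s=]+)(?:\s*=\s*|\s+)(.*)$")

def parse(text):
    """Return (global settings, [(match criteria, settings)]); first value wins."""
    global_cfg, matches = {}, []
    target = global_cfg
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m or m.group(1).startswith("#"):
            continue                      # blank line, comment, or bare keyword
        key = m.group(1).lower()
        key, value = ALIASES.get(key, key), m.group(2).strip().strip('"')
        if key == "match":                # following lines belong to this block
            target = {}
            matches.append((value, target))
        else:
            target.setdefault(key, value.lower())
    return global_cfg, matches

def password_login_findings(text):
    """List the ways a password prompt is still reachable under this config."""
    global_cfg, matches = parse(text)
    eff = {**DEFAULTS, **global_cfg}
    findings = []
    if eff["passwordauthentication"] != "no":
        findings.append("global: PasswordAuthentication is not 'no'")
    if eff["usepam"] == "yes" and eff["kbdinteractiveauthentication"] != "no":
        findings.append("global: keyboard-interactive through PAM can still prompt for a password")
    for criteria, cfg in matches:
        if cfg.get("passwordauthentication") == "yes":
            findings.append(f"Match {criteria}: PasswordAuthentication yes overrides the global setting")
    return findings

# Constructed sample: the first PasswordAuthentication line wins, yet two gaps remain.
SAMPLE = """# constructed sample, not from the thread
PasswordAuthentication no
PasswordAuthentication yes
UsePAM yes
ChallengeResponseAuthentication yes

Match Address 192.0.2.0/24
    PasswordAuthentication yes
"""

if __name__ == "__main__":
    print("\n".join(password_login_findings(SAMPLE)))
```

On a live host, `sshd -T` prints the effective configuration and is the authoritative check.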