Re: security advice wanted for home server

To: debian-security@lists.debian.org
Subject: Re: security advice wanted for home server
From: Sébastien NOBILI <sebnewsletter@free.fr>
Date: Fri, 27 Feb 2009 13:41:09 +0100
Message-id: <[🔎] 20090227124109.GC10285@sebian.nob900.homeip.net>
In-reply-to: <[🔎] 49A7C3E9.9070403@earthsong.free-online.co.uk>
References: <[🔎] 49A7C3E9.9070403@earthsong.free-online.co.uk>

Le vendredi 27 février 09 à 10:43, andy baxter a écrit :
> I can make sure that the server doesn't have any incoming ports open  
> except http and ssh)

I would use another port than 22 for the SSH. If your machine's ports are
being scanned and it appears port 22 is open, then you'll probably have a
lot of brute-force attacks to SSH.
Personally, I redirected on my router a high port number (1234, for
example) to port number 22 of my home server. No more brute-force attacks.

Just in case you didn't think about it, restrict SSH access to certain
users, in /etc/ssh/sshd_config :
    PermitRootLogin no
    AllowUsers your_login

> andy.

Seb

Reply to:

Follow-Ups:
- Re: security advice wanted for home server
  - From: andy baxter <andy@earthsong.free-online.co.uk>
- Re: security advice wanted for home server
  - From: Tom Allison <tom@tacocat.net>

References:
- security advice wanted for home server
  - From: andy baxter <andy@earthsong.free-online.co.uk>

Prev by Date: security advice wanted for home server
Next by Date: Re: security advice wanted for home server
Previous by thread: security advice wanted for home server
Next by thread: Re: security advice wanted for home server
Index(es):
- Date
- Thread