Re: How do you remotely access a home server/network?

[Slicky Johnson <slickyjohnson@gmail.com>]

On Sat, 26 Feb 2011 23:46:25 +0000
Brian <ad44@cityscape.co.uk> wrote:

> On Sat 26 Feb 2011 at 16:12:33 -0700, Aaron Toponce wrote:
> 
> > Either way, you're exposing your internal network to the Internet
> > if you don't have good security procedures in place. Have a strong
> > password (I recommend http://passwordcard.org), chroot jail your
> > daemon, use remote logging, and take advantage of strict firewalls.
> > In other words, lock it down.
> 
> If the strong password is being used by only one person (which appears
> to be the case here) in what sense is it lacking if it is the only
> security in place? Doesn't it give sufficient lockdown?
> 
> 

Well this thread could certainly go on forever. 

Jason, also have a look at the securing Debian manual with attention on
ssh. Perhaps removing passwords all together and only using a key, no
root, etc. From experience I will say moving your listening port from
22 to something else will keep your logs fairly clear. Internet facing
machine I'm looking at right now only had 8 packets hit 22 yesterday.
Dropped of course and not by chance from the same Chinese IP.