
Re: How can I secure a Debian installation?



On Tue 28 Jan 2014 at 14:18:48 +0000, Joe wrote:

> On Tue, 28 Jan 2014 11:58:22 +0000
> Brian <ad44@cityscape.co.uk> wrote:
> 
> > The conclusion appears to contradict the first statement.

I might not have been very clear; the "first statement" I was
referring to is

   > I know *that* *does* *not* *improve* *security*,

then you say

   > I am forced to conclude that in my personal case, it *does*
   > improve security

It seemed like a contradiction.

Ah, but now I think you go on to explain:

> While a complete portscan will reveal an ssh server running on a
> non-standard port, this doesn't seem to happen often. It seems to me
> that the fewer attacks which are made, the less likely it is that one
> will succeed.

Let's take a 15 character complex password; the number of combinations
which would have to be tried to break it (without even trying 14, 13, etc
characters) is enormous. The probability of success might increase after
each failed attempt but not by anything to worry about over the first
1,000 years. (Incidentally, a thousand years is a gross underestimate,
but by then you and I will have little to be bothered about :)).

I don't think your argument stands scrutiny.

>               We know that even digital keys are not necessarily secure:
> anyone can make mistakes, even people who patch Debian's OpenSSH
> suite.

The result of the mistake was that the key space was drastically reduced.
This is similar to using a 4 character password instead of 15. The
combinations to be searched are much fewer; you have justifiable cause to
become very worried.

> Good passwords, no. But most of the posts I've seen about hacked Linux
> installations where the point of entry was known seem to blame ssh,
> possibly because most private installations don't have any other
> internet-facing services. Somebody must be doing something wrong.

The chances of breaking a good password over a ssh link are negligible, so
you would have to look elsewhere for a reason. The people who claim it has
happened to them never seem to provide enough detail to be confident it
is not some mistake on their part.

