Security....

Scot L. Harris webid at cfl.rr.com
Wed Oct 27 14:27:44 UTC 2004


On Wed, 2004-10-27 at 06:54, Jim Higson wrote:
> > Good points James...you missed one though... port 22. I see more attempts
> > on SSH than any other port....stupid and LAME attempts but more on this
> > than any other...
> 
> Out of curiosity, how much does it really matter so long as you have strong 
> passwords?
> 
> If security holes are discovered in ssh, then sure, someone who knows what 
> they're doing might be able to gain access. But then someone qualified enough 
> to find new holes in ssh won't be targeting my desktop box, or the http 
> server for a small business.
> 
> In general isn't ssh pretty secure, and aren't security fixes normally issued 
> before the script kiddies get hold of an exploit?

Brute force login attempts against ssh can work if given enough time
just like any other access that uses simple password protection.  It
just may take a really long time to get to the right combination of
letters, numbers, and special characters (assuming you have a
non-trivial password that is not dictionary based).  

And it is best practice to limit ssh to only those accounts that need to
use it and block direct root access.  This limits the user ids that will
work and makes it just a little more difficult.

Like others have said in this thread, you are managing risk, some may
feel comfortable with a higher level of risk than others.  But as long
as you make your system just a little more difficult to access than the
next one more than likely the hackers will move on to the system that is
easier to hack.

Of course most security breaches in companies are from inside not
external.  And those that are external normally are of the social
engineering type instead of some clever hack over the Internet.  

-- 
Scot L. Harris
webid at cfl.rr.com

The better part of valor is discretion.
		-- William Shakespeare, "Henry IV" 
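
Added example (not part of the original message, and not Fedora or OpenSSH code): a small Python check for the two sshd_config controls mentioned in the message above, limiting which accounts may log in and blocking direct root login. PermitRootLogin, AllowUsers, AllowGroups and Match are real sshd_config keywords; the function names, account names and sample configs are assumptions made for illustration.

```python
# Added example; both sample configs are constructed for illustration.
WEAK = """\
Port 22
PermitRootLogin yes
"""
HARDENED = """\
permitrootlogin no
AllowUsers alice bob
Match Address 192.0.2.0/24
    PermitRootLogin yes
"""
ALLOW_KEYS = ("allowusers", "allowgroups")

def parse(text):
    """Return (global settings, [(match condition, settings), ...])."""
    glob, matches = {}, []
    target = glob
    for raw in text.splitlines():
        parts = raw.split()
        if not parts or parts[0].startswith("#"):
            continue
        key, args = parts[0].lower(), parts[1:]  # keywords are case-insensitive
        if key == "match":
            target = {}  # following lines apply only when the condition matches
            matches.append((" ".join(args), target))
        elif key in ALLOW_KEYS:
            target.setdefault(key, []).extend(args)
        else:
            target.setdefault(key, args)  # sshd uses the first value it obtains
    return glob, matches

def audit(text):
    """List findings against: no direct root login, logins limited to named accounts."""
    glob, matches = parse(text)
    findings = []
    root = " ".join(glob.get("permitrootlogin", [])).lower()
    if not root:
        findings.append("PermitRootLogin not set: default depends on the OpenSSH version")
    elif root != "no":
        findings.append(f"PermitRootLogin {root}: direct root login is possible")
    if not any(k in glob for k in ALLOW_KEYS):
        findings.append("no AllowUsers/AllowGroups: logins are not limited to named accounts")
    for cond, block in matches:
        value = " ".join(block.get("permitrootlogin", [])).lower()
        if value and value != "no":
            findings.append(f"Match {cond}: PermitRootLogin {value} overrides the global value")
    return findings

if __name__ == "__main__":
    print(audit(WEAK), audit(HARDENED), sep="\n")
```

The second sample shows why a global "no" is not enough on its own: a later Match block can turn root login back on for some clients.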



