Putting server on the internet or not
rchiodin at bellsouth.net
Wed Dec 14 19:33:04 UTC 2005
On Wed, 2005-12-14 at 13:31 -0500, Scot L. Harris wrote:
> On Wed, 2005-12-14 at 13:05, Bob Chiodini wrote:
> > Edward,
> > I have to agree with Scot. If you are a home user, lock everything down
> > behind a firewall. I opened up SSH and IMAPS while I was traveling
> > earlier this year and within 2 hours I was getting hammered by machines
> > on the internet trying to access my machine via SSH.
> For home users one of the cheap Netgear or Linksys routers/firewalls do
> a good job. If you want to learn more, setting up a separate box as a
> firewall can be good but you will need to spend more time researching
> and monitoring such a system than one of the cheap devices mentioned
> Search the list for several threads discussing ssh security. (disallow
> root login, limit the users that can connect, use strong passwords, use
> keys if possible, consider using different port than 22 for ssh) This
> is true regardless of using a firewall or not.
> > I'll bet Scot has a generator though. Judging by his IP address, I bet
> > he was without power a lot during last hurricane season :-)
> This year they missed us here. But last year the generator did come in
> handy for a few weeks. Have had one for several years. But my ISP was
> down at the same time so no network connectivity. There for about a
> week there was also no land line phones or cell phone access as well.
> Those with generators, I also recommend installing a transfer switch.
> This allows you to provide power to specific circuits in the house
> without stringing extension cords all over and without back feeding the
> power grid.
I needed open SSH since I did not know what IP address I would be coming
from. Once known and verified that it was not changing I locked my
router up. It's a Dlink, and so far has been very good to me.
We had dialtone and DSL during the storms of 2004. The generator kept
power up for the essentials: fans, fridge, TV (until the dish blew
down) and computers.
More information about the fedora-list