[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] Safety of Allowing Access from Internet



Todd O'Bryan wrote:



So... I would recommend against putting a K12LTSP server on the
internet.  Instead, put it behind a firewall, and forward port 22 (ssh)
from the FW to the LTSP box.


Is there a way to do this when installing? I set up "High" security and only
checked SSH when I installed K12LTSP on my server. Are there extra
steps to create a firewall, or did that do so?


that is all, with regards to the firewall.

With ssh open to the Internet, you should expect that crackers will regularly attempt to break it - trust me on this.

now you must ;

1.) Make *certain* that your sshd is the very latest one possible (for your distro) - certainly apply any updates

2.) Make *certain* up2date is registered with RedHat, and you are recieving updates automatically. (allow *outgoing* connects on this port *only*)


and then you can *mostly* relax ! 8-)



DISCLAIMER: There will be something you, and I, will have missed out.. and you still might get bitten.. 8-}



regards, Steve






[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]