Return to index: [Subject] [Thread] [Date] [Author]

Re: My Experience This Weekend (WAS: How to check your Internet secur ity)

[Subject Prev][Subject Next][Thread Prev][Thread Next]
Bill,

Your setup is essentially the same as ours, except that our router 
includes some packet filtering firewall capabilities.  One suggestion I 
have is that when you set up ssh, consider moving it to a 
"nonstandard" port, instead of port 22.  I think a lot of the port 
scanners just look fo the typical ports (ie, 22, 23, 25, 80, 143, etc.) , 
and if these are not open, they move on to the next victim.  ssh is 
easy to put on any port, so you can hide it better from the scanners.

For small networks like yours, I think static IP addresses make more 
sense than DHCP.  Then, it the router goes down, at least your 
internal net still functions.

Mark Nienberg
Steven Tipping + associates
Berkeley, CA
mark(--nospam--at)tipping.com

Mark W. Nienberg, SE
Steven Tipping + associates
Berkeley, CA