thinkhole.org — If you are running Linux, chances are you are running SSH. Here are five easy things you can do to lock down your server and make SSH more secure. Includes disabling root logins, using keys to log in, automatically blocking hosts who are attempting dictionary attacks, and more.
Oct 30, 2006
Closed Account Oct 31, 2006
This is actually a pretty good list. The first step is the first step I take on every new Linux install that will be facing the outside world (which is to say all of them). I just find it hard to believe that so many distributions permit root logins by default; it's a giant gaping security hole to allow root to log in anywhere. You should always log in as a limited user and su - to root or sudo.
nakedcellist Oct 31, 2006
Making RDP more secure? You could tunnel it over SSH...
critic Oct 31, 2006
Why are these articles always slanted towards Linux users? I have yet to see a good tutorial for XP people. I'd love to see a concise tutorial for running VNC over PuTTY on XP. Either that or some way to configure VNC to only accept connections from specific IPs. obtw - I think Linux users are the salt of the earth, and their knowledge is only exceeded by their kindness to Windoze noobs.
bambam43410 Oct 31, 2006
Ask and ye shall receive: http://pigtail.net/LRP/vnc/
seuaniu Oct 31, 2006
Not to nitpick, but necessary or not depends on how valuable your server is to you. Or, usually more importantly, how valuable the secrecy of the data it holds is. I work in an industry that absolutely requires you to take *every* step you can to maintain the integrity and secrecy of your data. If some steps seem redundant, well, good. I am required to take the steps outlined in the article, and some others, on machines that don't even face a public network. Anything that does face outward doesn't get to have SSH running on that NIC, which can be a bitch when you want to telecommute a couple of days a week. Some of the article might seem like a bit of overkill for many, but there are lots of scenarios where it wouldn't be considered enough, i.e. defense, finance, legal (HIPAA), medical (HIPAA again), etc.
critic Oct 31, 2006
Thank you for the link, BamBam! Appreciate your kind help and guidance in this Web 2.0 world. Critic
hermatize Nov 1, 2006
Good Article.... -tp