Mailinglist Archive: opensuse-factory (626 mails)

["Carlos E. R." <robin.listas@xxxxxxxxxxxxxx>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



The Saturday 2008-03-29 at 07:20 -0000, Sid Boyce wrote:

> >  An open sshd behind an open firewall will be under brute force attack in
> >  about 23 milliseconds after going on-line :-)
>
> That's for certain. I had one occasion when I went to a relative's home armed 
> with CD's to get his box up to date, only to find I didn't have everything 
> with me, so on the next occasion, I enabled the ssh port on my smoothwall box 
> so I could get to the stuff remotely. A few days later I remembered it was 
> open and there were numerous attempts at a break in, all failed.

Another option would be to stop sshd if the user stops/dissables the 
firewall.

Or rather stop all network services!  :-P

And to open it in the firewall with the "FW_SERVICES_ACCEPT_EXT" option. 
That could be another can of worms, perhaps... :-?


- -- 
Cheers,
       Carlos E. R.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4-svn0 (GNU/Linux)

iD8DBQFH7hu/tTMYHG2NR9URAqZrAKCIGZ7P+Nn7bjGM2dVm59SjR47xVwCfQxOS
lHwmT9BssdzMk1nkNdO8mGw=
=lfkM
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx