Just to clarify, since this is pretty sensitive and I want to make sure I read
the docs and the actual fw config right...SSH is only available to GREEN unless
you take some additional steps to explicitly allow it from RED, right?
-AJ
----- Original Message -----
From: Peter Warasin
To: [email protected]
Sent: Friday, January 18, 2008 11:37 AM
Subject: Re: [Efw-user] SSh Attack
Carlos Leal wrote:
> The use of port 22 in place of a less well known port makes it more
> vulnerable to automated attacks. This is why IPCop , which was the
> inspiration for this product uses port 222 for ssh.
To be honest, that's security by obscurity, therefore we removed that.
It makes more sense to use the standard ports and to block the access
completely for the unauthorized.
Simply open the port within system access only for your ip addresses,
disable ssh and enable it only when you need, or connect through vpn.
peter
--
:: e n d i a n
:: open source - open minds
:: peter warasin
:: http://www.endian.com :: [EMAIL PROTECTED]
------------------------------------------------------------------------------
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
------------------------------------------------------------------------------
_______________________________________________
Efw-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/efw-user
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Efw-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/efw-user
