This is surely OT for the emc list, so further replies/comments will be off 
list.
Just this last one on the list ;)
>>
> Let me tell you, from PERSONAL experience, that there are professional
> bank criminals that are searching the net continuously for systems with
<snip>
> Jon
>
> I'm still looking for
> an even more robust scheme, some kind of challenge/response that doesn't
> require a computer to formulate the response.

Set up iptables to block everything (except public services like 80).
Then use a port knocking program to temporarily open up ssh (or whatever port 
you need) only on request.
Then you have a client for the knocking (on linux, windows, whatever) which 
sends some packets to a certain number of ports on your PC. Everything 
being blocked, nothing happens, but the requests get logged, and the port 
knocking server looks in the logs for certain patterns (say port 1000, 1200, 
1300, 1207, 1507, etc.).
Only when it sees a valid pattern it opens up port 22 for a couple of 
seconds. (or until the first connection is done).

It really feels like one of the more robust security systems.

Regards,
Alex
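
The log-watching step described in this message, as an added sketch that is not part of the original post and not the code of any particular port knocking program. It uses the example port sequence from the message; the log line layout (leading epoch timestamp, iptables-LOG-style `SRC=`/`DPT=` fields), the timing values and all function names are assumptions, and it only reports when port 22 would be open instead of changing firewall rules.

```python
import re

# Knock sequence taken from the message; timing values are assumptions.
SEQUENCE = (1000, 1200, 1300, 1207, 1507)
MAX_GAP = 5     # max seconds between consecutive knocks (assumed)
OPEN_FOR = 10   # seconds port 22 stays open after a valid knock (assumed)

# Assumed line layout: "<epoch> ... SRC=<ip> ... DPT=<port> ..."
LINE = re.compile(r"^(\d+(?:\.\d+)?) .*\bSRC=(\S+) .*\bDPT=(\d+)\b")

def grants(log_lines, sequence=SEQUENCE, max_gap=MAX_GAP, open_for=OPEN_FOR):
    """Return [(src, open_from, open_until)] for every completed knock."""
    progress = {}  # src -> (index of next expected port, time of last packet)
    out = []
    for line in log_lines:
        m = LINE.match(line)
        if not m:
            continue
        ts, src, port = float(m.group(1)), m.group(2), int(m.group(3))
        idx, last = progress.get(src, (0, ts))
        if idx and ts - last > max_gap:
            idx = 0  # knocks arrived too slowly: start over
        if port == sequence[idx]:
            idx += 1
        else:
            # Any wrong port resets, so a scan touching every port never matches.
            idx = 1 if port == sequence[0] else 0
        if idx == len(sequence):
            out.append((src, ts, ts + open_for))
            idx = 0
        progress[src] = (idx, ts)
    return out

def _line(ts, src, dpt):
    # Builds one constructed log line (not captured from a real system).
    return (f"{ts} kernel: KNOCK IN=eth0 OUT= SRC={src} DST=192.0.2.10 "
            f"PROTO=TCP SPT=40000 DPT={dpt} SYN")

# Constructed sample: a valid knock, a sequential port scan, a too-slow knock.
SAMPLE = (
    [_line(100 + i, "203.0.113.5", p) for i, p in enumerate(SEQUENCE)]
    + [_line(150 + i, "198.51.100.7", p) for i, p in enumerate(range(1000, 1510))]
    + [_line(t, "192.0.2.44", p) for t, p in zip((200, 201, 300, 301, 302), SEQUENCE)]
)

if __name__ == "__main__":
    for src, start, end in grants(SAMPLE):
        print(f"open 22 for {src} from t={start} to t={end}")
```

Only the first source is granted a window: the scan hits every knock port but in the wrong order with other ports in between, and the third source stalls past the allowed gap.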

