Don't spend too much time, as it's a waste. You will NOT see
my MAC address. Not because I try to disguise it, but because
it won't be available to you. That's simply how TCP/IP works.
There is one caveat to this, I if you are running a 802.11 wifi, the MAC is
sent in the packets and then
An option for ports that don't need to be open constantly (like 80 443) is to use net-misc/knockd.Portknocking allows a port to be opened on demand in response to a series of attempted port opens.There's a wiki page on it here:
http://gentoo-wiki.com/HOWTO_Port_Knocking.Note, if he is on the
Lord Sauron wrote:
Sorry to be a bit elementary, but if you're not colocating your box,
and you don't often use SSH, you might want to consider disabling
remote administrative things.
Of course - disable everything, that you don't need. ESPECIALLY, if it
is reachable over the network.
All
On 7/5/06, Ryan Tandy [EMAIL PROTECTED] wrote:
Steven Susbauer wrote:
On Wed, 5 Jul 2006, Ryan Tandy wrote:
Lord Sauron wrote:
If you can, what I'd do is try and get the guy's MAC Address or
something and then totally block that off. That's send him away right
quickly. I don't know
On 7/5/06, Alexander Skwar [EMAIL PROTECTED] wrote:
Lord Sauron wrote:
Sorry to be a bit elementary, but if you're not colocating your box,
and you don't often use SSH, you might want to consider disabling
remote administrative things.
Of course - disable everything, that you don't need.
Lord Sauron wrote:
On 7/5/06, Alexander Skwar [EMAIL PROTECTED] wrote:
Lord Sauron wrote:
How should *THAT* help? In 99.999% of
the times, the attacker won't be on the same subnet, and thus the
MAC isn't available.
Couldn't hurt.
Well, as it doesn't buy you
On 7/6/06, Lord Sauron [EMAIL PROTECTED] wrote:
On 7/5/06, Ryan Tandy [EMAIL PROTECTED] wrote:
Steven Susbauer wrote:
On Wed, 5 Jul 2006, Ryan Tandy wrote:
Lord Sauron wrote:
If you can, what I'd do is try and get the guy's MAC Address or
something and then totally block that off.
Ryan Tandy wrote:
you're running a firewall of some kind (and you'd be crazy not to for
any publically accessible box),
Actually, I'd disagree. If only the necessary publicly accessible services
are running on a box, what good should a firewal (I suppose you mean
packet filter, like iptables)
I would move ssh to a very high port number of your choice. Most ssh
port scanners do not bother checking anything other than port 22, as
it is too time consuming. I have not had any weird hits on my ssh
port in years. It was hammered daily, even with attempted logins and
such, with it running
Grant wrote:
It has come to my attention that a particular person I know may be
intent on attacking my server/website in any way possible. He doesn't
know much about Linux but does know Windows. What kind of things
should I lock down to protect my remote hosted server? I don't have
time to
Alexander Skwar [EMAIL PROTECTED] wrote:
you're running a firewall of some kind (and you'd be crazy not to for
any publically accessible box),
Actually, I'd disagree. If only the necessary publicly accessible
services
are running on a box, what good should a firewal (I suppose you mean
Trenton Adams wrote:
I would move ssh to a very high port number of your choice. Most ssh
port scanners do not bother checking anything other than port 22, as
it is too time consuming. I have not had any weird hits on my ssh
port in years. It was hammered daily, even with attempted logins
Alexander Skwar [EMAIL PROTECTED] wrote:
... If I were a
script kiddie, I wouldn't bother looking at normally open
ports. But if there's something strange like 65350, I *would*
imho, if someone wants to attack your server, he will scan
all ports and will try to find which apps are using
On 7/5/06, Alexander Skwar [EMAIL PROTECTED] wrote:
Trenton Adams wrote:
I would move ssh to a very high port number of your choice. Most ssh
port scanners do not bother checking anything other than port 22, as
it is too time consuming. I have not had any weird hits on my ssh
port in
Alexander Skwar wrote:
Ryan Tandy wrote:
you're running a firewall of some kind (and you'd be crazy not to for
any publically accessible box),
Actually, I'd disagree. If only the necessary publicly accessible services
are running on a box, what good should a firewal (I suppose you mean
Sorry to be a bit elementary, but if you're not colocating your box,
and you don't often use SSH, you might want to consider disabling
remote administrative things.
All your Windoze friend will try to do is exploit MySQL to pop a DOS
shell into your system. It's an older trick, however, it
Lord Sauron wrote:
If you can, what I'd do is try and get the guy's MAC Address or
something and then totally block that off. That's send him away right
quickly. I don't know enough to know if that'd be totally possible,
but if the guy isn't terribly intelligent, that'll send him packing.
On Wed, 5 Jul 2006, Ryan Tandy wrote:
Lord Sauron wrote:
If you can, what I'd do is try and get the guy's MAC Address or
something and then totally block that off. That's send him away right
quickly. I don't know enough to know if that'd be totally possible,
but if the guy isn't
Steven Susbauer wrote:
On Wed, 5 Jul 2006, Ryan Tandy wrote:
Lord Sauron wrote:
If you can, what I'd do is try and get the guy's MAC Address or
something and then totally block that off. That's send him away right
quickly. I don't know enough to know if that'd be totally possible,
but if
It has come to my attention that a particular person I know may be
intent on attacking my server/website in any way possible. He doesn't
know much about Linux but does know Windows. What kind of things
should I lock down to protect my remote hosted server? I don't have
time to get too crazy
Grant wrote:
It has come to my attention that a particular person I know may be
intent on attacking my server/website in any way possible. He doesn't
know much about Linux but does know Windows. What kind of things
should I lock down to protect my remote hosted server? I don't have
time to
On Tue, 4 Jul 2006 15:56:02 -0700
Grant [EMAIL PROTECTED] wrote:
It has come to my attention that a particular person I know may be
intent on attacking my server/website in any way possible. He doesn't
know much about Linux but does know Windows. What kind of things
should I lock down to
22 matches
Mail list logo
