Best practices for securing SSH server
Jon Radel
jon at radel.com
Sat Jun 27 19:18:44 UTC 2009
Jos Chrispijn wrote:
>
>
> Daniel Underwood wrote:
>> laptop to connect to the server. Due to the speed and location of the
>> connection, it's a relatively high-risk target.
>>
> Can you tell me what you mean with that? I mean, imho a server must been
> consider always a risk target.
> Perhaps I don't understand.
As I believe has already been answered in this thread, the better
connected a server is to the Internet, the higher its value to several
varieties of miscreants. Given a choice between a server connected via
a close to saturated T1 somewhere in the back waters of the Internet and
a server with multiple 100mbps+ connections to key backbones, somebody
interested in staging DOS attacks or using the server as a base to
"explore" other networks or ... is likely to find the latter server of
greater interest. About the only advantage I can think of for the
former is that it's probably, other things being equal, less likely to
be properly maintained and monitored.
--
--Jon Radel
jon at radel.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3283 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20090627/b342ed83/smime.bin
More information about the freebsd-questions
mailing list