Best practices for securing SSH server
Daniel Underwood
djuatdelta at gmail.com
Sun Jun 28 01:17:13 UTC 2009
> As I believe has already been answered in this thread, the better connected
> a server is to the Internet, the higher its value to several varieties of
> miscreants. Given a choice between a server connected via a close to
> saturated T1 somewhere in the back waters of the Internet and a server with
> multiple 100mbps+ connections to key backbones, somebody interested in
> staging DOS attacks or using the server as a base to "explore" other
> networks or ... is likely to find the latter server of greater interest.
> About the only advantage I can think of for the former is that it's
> probably, other things being equal, less likely to be properly maintained
> and monitored.
Exactly. For example, the "server" in question is a desktop machine
at work. I regularly see transfer rates of 13MB/s. It's at a major
university, which is by itself another high-risk factor, precisely
because there are so many (often weakly protected) high-speed
connections.
More information about the freebsd-questions
mailing list