Thousands of ssh probes
Jon Radel
jon at radel.com
Sat Mar 6 00:35:48 UTC 2010
Randal L. Schwartz wrote:
>>>>>> "Tim" == Tim Judd <tajudd at gmail.com> writes:
>
> Tim> I've been in that same boat. I eventually came to the decision to:
> Tim> Install PPTP server software, accepting connections from any IP.
>
> Whoa. Here we are, talking about making it *more* secure, and
> you go the other direction....
>
>
> http://en.wikipedia.org/wiki/Point-to-Point_Tunneling_Protocol#Security_of_the_PPTP_protocol
>
>
> In short, you can't take anyone seriously who suggests PPTP when
> talking about security.
Especially since rolling out OpenVPN and your own little CA to issue
yourself and your 10 best friends certificates is pretty easy. I find
it easier to wrap my head around than something like IPSEC for
supporting a "trusted server on trusted network attached to by laptops
that wander around in sometimes sleazy parts of the Internet" model.
Just make sure you've kept up to date with your SSL libraries. :-)
--Jon Radel
jon at radel.com
More information about the freebsd-questions
mailing list