Date: Sat, 27 Jun 2009 21:17:11 -0400 From: Daniel Underwood <djuatdelta@gmail.com> To: Jon Radel <jon@radel.com> Cc: Jos Chrispijn <jos@webrz.net>, freebsd-questions@freebsd.org Subject: Re: Best practices for securing SSH server Message-ID: <b6c05a470906271817r1fac21dfrfcea512d8ed5f16c@mail.gmail.com> In-Reply-To: <4A467089.1040404@radel.com> References: <b6c05a470906221816l4001b92cu82270632440ee8a@mail.gmail.com> <4A4639B0.8080602@webrz.net> <4A467089.1040404@radel.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> As I believe has already been answered in this thread, the better connect= ed > a server is to the Internet, the higher its value to several varieties of > miscreants. =A0Given a choice between a server connected via a close to > saturated T1 somewhere in the back waters of the Internet and a server wi= th > multiple 100mbps+ connections to key backbones, somebody interested in > staging DOS attacks or using the server as a base to "explore" other > networks or ... is likely to find the latter server of greater interest. > =A0About the only advantage I can think of for the former is that it's > probably, other things being equal, less likely to be properly maintained > and monitored. Exactly. For example, the "server" in question is a desktop machine at work. I regularly see transfer rates of 13MB/s. It's at a major university, which is by itself another high-risk factor, precisely because there are so many (often weakly protected) high-speed connections.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?b6c05a470906271817r1fac21dfrfcea512d8ed5f16c>