From owner-freebsd-questions@FreeBSD.ORG Sun Jun 28 01:17:12 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CAC831065670 for ; Sun, 28 Jun 2009 01:17:12 +0000 (UTC) (envelope-from djuatdelta@gmail.com) Received: from mail-ew0-f213.google.com (mail-ew0-f213.google.com [209.85.219.213]) by mx1.freebsd.org (Postfix) with ESMTP id 5C8EB8FC08 for ; Sun, 28 Jun 2009 01:17:12 +0000 (UTC) (envelope-from djuatdelta@gmail.com) Received: by ewy9 with SMTP id 9so2727870ewy.43 for ; Sat, 27 Jun 2009 18:17:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=dOA4dgfUNElI3UIzs0vfHsN3e5BNvHqVXXP9ELpJOVM=; b=qNd/Y/+hIkOBt2Ro+5dQ1cASzWP4+8d6ZncAiGnzk3ONR0SA/HB+JUPH2ydEgi9UpN qMVhEh9hIK+hGjKZNSUXfy7l27ECbXcbj6/kuhDYTpYY8whHl3vBkonSqp/Uz7Y4lgI5 rzGYgIR2rYwA9IQ2H3VuaAoEczu973OnGDG0E= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=EY0EyBHVJWt4IDWrPfDLBaowTVRIY9QwOuEibsJQbnJ4q4+H38rdcf021yjXEOAFgW eODkVeIiyDrrlv0W91Dbj/Q3r5gAIp59ApX5yvB4+yGjCpVPGcNkm00rvKM37MRMGMmW OFCEw9OehODPUxEsI0uEdbpaRcUD/immECdPs= MIME-Version: 1.0 Received: by 10.216.19.210 with SMTP id n60mr1587854wen.107.1246151831311; Sat, 27 Jun 2009 18:17:11 -0700 (PDT) In-Reply-To: <4A467089.1040404@radel.com> References: <4A4639B0.8080602@webrz.net> <4A467089.1040404@radel.com> Date: Sat, 27 Jun 2009 21:17:11 -0400 Message-ID: From: Daniel Underwood To: Jon Radel Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: Jos Chrispijn , freebsd-questions@freebsd.org Subject: Re: Best practices for securing SSH server X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 28 Jun 2009 01:17:13 -0000 > As I believe has already been answered in this thread, the better connect= ed > a server is to the Internet, the higher its value to several varieties of > miscreants. =A0Given a choice between a server connected via a close to > saturated T1 somewhere in the back waters of the Internet and a server wi= th > multiple 100mbps+ connections to key backbones, somebody interested in > staging DOS attacks or using the server as a base to "explore" other > networks or ... is likely to find the latter server of greater interest. > =A0About the only advantage I can think of for the former is that it's > probably, other things being equal, less likely to be properly maintained > and monitored. Exactly. For example, the "server" in question is a desktop machine at work. I regularly see transfer rates of 13MB/s. It's at a major university, which is by itself another high-risk factor, precisely because there are so many (often weakly protected) high-speed connections.