Date: Sun, 28 Jun 2009 18:17:49 +0100 From: Chris Rees <utisoft@googlemail.com> To: Polytropon <freebsd@edvax.de> Cc: Jos Chrispijn <jos@webrz.net>, Jon Radel <jon@radel.com>, Daniel Underwood <djuatdelta@gmail.com>, freebsd-questions@freebsd.org Subject: Re: Best practices for securing SSH server Message-ID: <b79ecaef0906281017u5a300a40r2e560c6516941a42@mail.gmail.com> In-Reply-To: <20090628070348.8a07299b.freebsd@edvax.de> References: <b6c05a470906221816l4001b92cu82270632440ee8a@mail.gmail.com> <4A4639B0.8080602@webrz.net> <4A467089.1040404@radel.com> <b6c05a470906271817r1fac21dfrfcea512d8ed5f16c@mail.gmail.com> <20090628070348.8a07299b.freebsd@edvax.de>
next in thread | previous in thread | raw e-mail | index | archive | help
2009/6/28 Polytropon <freebsd@edvax.de>: > On Sat, 27 Jun 2009 21:17:11 -0400, Daniel Underwood <djuatdelta@gmail.co= m> wrote: >> Exactly. =A0For example, the "server" in question is a desktop machine >> at work. =A0I regularly see transfer rates of 13MB/s. =A0It's at a major >> university, which is by itself another high-risk factor, precisely >> because there are so many (often weakly protected) high-speed >> connections. > > That's a valid point, and I'd like to add that there is some > consideration: Servers are usually protected with proper means. > This goes especially for UNIX servers. Desktops, on the other > hand, can more easily be taken over (especially non-UNIX machines), > so if an attacker got his foot inside a network, it's very > useful to him. There are even trading platforms where criminals > buy and sell whole networks of compromised PCs. Of course, > everything happening inside such networks should be seen as > what it is: a threat to security. Just imagine some "clever > guy" uses telnet inside such a network to configure the > server... > > You mean like the default alternative to SSH for "Windows" boxes? Gotta love their arrogance.... Chris --=20 A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in a mailing list?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?b79ecaef0906281017u5a300a40r2e560c6516941a42>