[Nottingham] Exposing our internal network
Martin Garton
martin at stupids.org
Thu Dec 1 18:10:47 GMT 2005
On Thu, 2005-12-01 at 17:29 +0000, Michael Leuty wrote:
> I should be grateful for your comments on how risky it is to open ports 22
> and 80, and whether Firestarter provides adequate defence against script
> kiddies.
If you are opening up port 22. I would recommend:
1) Ensure root login is disabled (in /etc/ssh/sshd_config)
2) run denyhosts. (see http://denyhosts.sourceforge.net/)
I will leave others to comment on port 80 etc.
--
Martin.
More information about the Nottingham
mailing list