[Nottingham] Exposing our internal network

Martin Garton martin at stupids.org
Thu Dec 1 18:10:47 GMT 2005


On Thu, 2005-12-01 at 17:29 +0000, Michael Leuty wrote:

> I should be grateful for your comments on how risky it is to open ports 22 
> and 80, and whether Firestarter provides adequate defence against script 
> kiddies.

If you are opening up port 22. I would recommend:

1) Ensure root login is disabled (in /etc/ssh/sshd_config)
2) run denyhosts. (see http://denyhosts.sourceforge.net/)

I will leave others to comment on port 80 etc.

-- 
Martin.





More information about the Nottingham mailing list