Les,
That's security by obscurity, and hasn't really worked well
for a good many years. There are port scan and port mapping tools
out there that can read all the ports on your machine in a heartbeat,
and know which ones are open, which ones are closed, and what process
is behind each individual port. Many processes running behind open
ports don't require the use of passwords - ie, http, NFS, et.
Your best bet if you are going to keep a machine online is
to keep it up to date with patches, occasionally run an intrusion
detection tool (I run mine every 4 hours on my machines at work -
they aren't CNC machines though, so you'd probably want to run them
when the CNC software is not in use) and shut down any unnecessary
processes and services, especially network services, so that you
can't be hacked through those ports. The intrusion detection
software is nice, because it can detect changes in individual files,
letting you know that somebody has gotten in and done something wonky.
Mark
At 04:51 AM 1/11/2009, you wrote:
>One good security measure is to change the port number. First the hacker
>has to find your port then they have to crack the password (obviously
>don't use the standard password). Of course that assumes you want to
>connect remotely over the internet (why???). Otherwise just block the
>port on your firewall.
>
>Les
>
>
>Kent A. Reed wrote:
> > I tip my hat to you for the nice work you've been doing, Andrew. Sweet.
> >
> > This last bit of your message, however, brings home how important it is
> > that we all practice "safe connections" (ala "safe sex"). It's chilling
> > to think of a hacker turning on a real machine. It seems to me one can
> > never be too paranoid with any machinery that (1) can cause physical
> > damage or personal injury, (2) allows for the possibility of remote
> > control and (3) connects to the Internet so any scumbag can try his hand
> > at it.
> >
> > I'm not suggesting you personally don't know the drill, Andrew, but a
> > number of messages on this list suggest that some of our users are
> > Unix/Linux neophytes. Please, people, please be sure your systems are
> > "locked down". There are plenty of books and websites providing chapter
> > and verse about good system security practices.
> > Read...understand...implement...maintain.
> >
> > I know I sound like a dotty maiden aunt about this, but from almost the
> > moment my former place of employment went online we saw frequent
> > break-in attempts by people who were obviously trying just because they
> > could---there certainly wasn't any pot of gold lying in wait behind the
> > firewall.
> >
> > If you think our EMC2 work is too arcane for black-hat hackers to bother
> > with, just remember we're posted all over the net (this list, the Wiki,
> > SourceForge, YouTube, CNCZone, etc.) so there are plenty of interesting
> > hints of potential targets for those who are so inclined.
> >
> > One of my grandmother's favorite aphorisms was "An ounce of prevention
> > is worth a pound of cure."
> >
> > Regards,
> > Kent
> >
> >
> >
> ------------------------------------------------------------------------------
> > Check out the new SourceForge.net Marketplace.
> > It is the best place to buy or sell services for
> > just about anything Open Source.
> > http://p.sf.net/sfu/Xq1LFB
> > _______________________________________________
> > Emc-users mailing list
> > Emc-users@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/emc-users
> >
>
>
>------------------------------------------------------------------------------
>Check out the new SourceForge.net Marketplace.
>It is the best place to buy or sell services for
>just about anything Open Source.
>http://p.sf.net/sfu/Xq1LFB
>_______________________________________________
>Emc-users mailing list
>Emc-users@lists.sourceforge.net
>https://lists.sourceforge.net/lists/listinfo/emc-users
------------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It is the best place to buy or sell services for
just about anything Open Source.
http://p.sf.net/sfu/Xq1LFB
_______________________________________________
Emc-users mailing list
Emc-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/emc-users
