Re: [solved]: web alternative to knockd for a "secure" sshd server?

2007-04-25 Thread Nick Demou
On 4/23/07, Karl E. Jorgensen <[EMAIL PROTECTED]> wrote: [...] > > Nice idea. Is it easy to support sshd-httpd on the same port also? > > Yes - assuming that the httpd client doesn't use pooling or the like, > which stops the client from "talking" immediately upon connection: > [...] > I did do

Re: [solved]: web alternative to knockd for a "secure" sshd server?

2007-04-23 Thread Karl E. Jorgensen
On Sun, Apr 22, 2007 at 08:59:37PM +0100, Karl E. Jorgensen wrote: > On Sun, Apr 22, 2007 at 10:02:50PM +0300, Nick Demou wrote: > > On 4/21/07, Karl E. Jorgensen <[EMAIL PROTECTED]> wrote: > > >Despite being security-through-obscurity, it *is* possible to run https > > >and ssh on the same port, v

Re: [solved]: web alternative to knockd for a "secure" sshd server?

2007-04-22 Thread Karl E. Jorgensen
On Sun, Apr 22, 2007 at 10:02:50PM +0300, Nick Demou wrote: > On 4/21/07, Karl E. Jorgensen <[EMAIL PROTECTED]> wrote: > >Despite being security-through-obscurity, it *is* possible to run https > >and ssh on the same port, via a proxy: > >http://sourceforge.net/projects/ssh-ssl-proxy/ > > Nice

Re: [solved]: web alternative to knockd for a "secure" sshd server?

2007-04-22 Thread Nick Demou
On 4/21/07, Karl E. Jorgensen <[EMAIL PROTECTED]> wrote: Despite being security-through-obscurity, it *is* possible to run https and ssh on the same port, via a proxy: http://sourceforge.net/projects/ssh-ssl-proxy/ Nice idea. Is it easy to support sshd-httpd on the same port also? [...]

Re: [solved]: web alternative to knockd for a "secure" sshd server?

2007-04-21 Thread Karl E. Jorgensen
On Sat, Apr 21, 2007 at 07:43:23AM +0300, Nick Demou wrote: > On 4/21/07, Jeff D <[EMAIL PROTECTED]> wrote: > >On Fri, 20 Apr 2007, Nick Demou wrote: > >[...] > >> > >> Any other idea of simple measures that will keep as many attackers > >> away from the one and only service that is listening to th

Re: web alternative to knockd for a "secure" sshd server?

2007-04-20 Thread charles norwood
On Fri, 2007-04-20 at 16:03 +0300, Nick Demou wrote: > On 4/20/07, Roberto C. Sánchez <[EMAIL PROTECTED]> wrote: > > On Fri, Apr 20, 2007 at 12:47:20PM +0300, Nick Demou wrote: > > > [...] > > > Any other idea of simple measures that will keep as many attackers > > > away from the one and only serv

[solved]: web alternative to knockd for a "secure" sshd server?

2007-04-20 Thread Nick Demou
On 4/21/07, Jeff D <[EMAIL PROTECTED]> wrote: On Fri, 20 Apr 2007, Nick Demou wrote: [...] > > Any other idea of simple measures that will keep as many attackers > away from the one and only service that is listening to the Internet? > [...] I'm not sure if this fits what you are looking for or

Re: web alternative to knockd for a "secure" sshd server?

2007-04-20 Thread Jeff D
On Fri, 20 Apr 2007, Nick Demou wrote: The only service that listens to the Internet on my PCs is sshd (on port 80 or 443 [1]). Since neither me nor sshd is perfect I would like to get rid of as many attackers as possible. My idea was to use port knocking. So I tested knockd and it seems nice[2]

Re: web alternative to knockd for a "secure" sshd server?

2007-04-20 Thread Alex Samad
On Fri, Apr 20, 2007 at 12:47:20PM +0300, Nick Demou wrote: > The only service that listens to the Internet on my PCs is sshd (on > port 80 or 443 [1]). Since neither me nor sshd is perfect I would like > to get rid of as many attackers as possible. My idea was to use port > knocking. So I tested k

Re: web alternative to knockd for a "secure" sshd server?

2007-04-20 Thread Celejar
On Fri, 20 Apr 2007 16:13:39 -0400 Roberto C. Sánchez <[EMAIL PROTECTED]> wrote: > On Fri, Apr 20, 2007 at 10:58:37AM -0400, Celejar wrote: > > > > Use shorewall. Set an SSH rule in your rules file, and use the > > RATE-LIMIT column (see /usr/share/doc/shorewall/default-config/rules). > > > This

Re: web alternative to knockd for a "secure" sshd server?

2007-04-20 Thread Roberto C . Sánchez
On Fri, Apr 20, 2007 at 10:58:37AM -0400, Celejar wrote: > > Use shorewall. Set an SSH rule in your rules file, and use the > RATE-LIMIT column (see /usr/share/doc/shorewall/default-config/rules). > This is what I do. It is much nicer (at least I think so) than working with raw iptables. > > C

Re: web alternative to knockd for a "secure" sshd server?

2007-04-20 Thread Celejar
On Fri, 20 Apr 2007 16:03:41 +0300 "Nick Demou" <[EMAIL PROTECTED]> wrote: > On 4/20/07, Roberto C. Sánchez <[EMAIL PROTECTED]> wrote: > > On Fri, Apr 20, 2007 at 12:47:20PM +0300, Nick Demou wrote: > > > [...] > > > Any other idea of simple measures that will keep as many attackers > > > away fro

Re: web alternative to knockd for a "secure" sshd server?

2007-04-20 Thread Nick Demou
On 4/20/07, Johannes Wiedersich <[EMAIL PROTECTED]> wrote: Nick Demou wrote: > Any other idea of simple measures that will keep as many attackers > away from the one and only service that is listening to the Internet? Different approach, but the same goal: [...] fail2ban bans IPs that cause mul

Re: web alternative to knockd for a "secure" sshd server?

2007-04-20 Thread Nick Demou
On 4/20/07, Roberto C. Sánchez <[EMAIL PROTECTED]> wrote: On Fri, Apr 20, 2007 at 12:47:20PM +0300, Nick Demou wrote: > [...] > Any other idea of simple measures that will keep as many attackers > away from the one and only service that is listening to the Internet? > Well, if which outbound port

Re: web alternative to knockd for a "secure" sshd server?

2007-04-20 Thread Roberto C . Sánchez
On Fri, Apr 20, 2007 at 12:47:20PM +0300, Nick Demou wrote: > The only service that listens to the Internet on my PCs is sshd (on > port 80 or 443 [1]). Since neither me nor sshd is perfect I would like > to get rid of as many attackers as possible. My idea was to use port > knocking. So I tested k

Re: web alternative to knockd for a "secure" sshd server?

2007-04-20 Thread Johannes Wiedersich
Nick Demou wrote: > Any other idea of simple measures that will keep as many attackers > away from the one and only service that is listening to the Internet? Different approach, but the same goal: aptitude install fail2ban > bans IPs that cause multiple authentication > errors Monitors log fil

web alternative to knockd for a "secure" sshd server?

2007-04-20 Thread Nick Demou
The only service that listens to the Internet on my PCs is sshd (on port 80 or 443 [1]). Since neither me nor sshd is perfect I would like to get rid of as many attackers as possible. My idea was to use port knocking. So I tested knockd and it seems nice[2] except one minor thing[3] and a major pr