[SATLUG] Questions about home server security: non-standard ports

David Kowis dkowis at shlrm.org
Thu Feb 21 13:52:24 CST 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/17/2013 06:52 PM, Alex Bartonek wrote:
> netstat -lnptu
> 
> start cleaning up there..
> 
> I know this isnt Solaris, but here is a cron script I have running 
> every morning.  Sends me an email of a few log files for my
> perusal. I have another script that sends me a status of my disks
> (space, errors etc) also.
> 
> http://www.thegeekprophet.com/server-log-email

Is there a logwatch for solaris? That might cover your bases as well.

http://sourceforge.net/projects/logwatch/files/

It can get too noisy, and so isn't quite as good as having nagios
watch for things or something like that, as well it doesn't provide
you a very good trending analysis so you can see when spikes of
activity happen, but it does mail you a summary of log events nicely
organized :)

- --
David

> 
> It can be expanded on and stuff.. YMMV.
> 
> 
> --- On Sun, 2/17/13, Don Davis <dondavis at reglue.org> wrote:
> 
> From: Don Davis <dondavis at reglue.org> Subject: Re: [SATLUG]
> Questions about home server security: non-standard ports To:
> satlug at satlug.org Date: Sunday, February 17, 2013, 11:54 AM
> 
> Good article. He also recommends using ssh keys, which may have
> been drowned out in the furor about non-standard ports.
> 
> I like the comments and I'm with Dan: "I moved ssh to a
> non-standard port merely to reduce the traffic in my logs. It
> permits ssh-key only. No password logins accepted."
> 
> 
> On 02/17/2013 10:02 AM, Brad Knowles wrote:
>> On Feb 15, 2013, at 1:28 PM, Frank Huddleston
>> <fhuddles at gmail.com> wrote:
>> 
>>> Thanks for the suggestions about security on a home server. I
>>> see that one thing people do is use non-standard ports. I have
>>> done that myself, but get the feeling that it's just security
>>> through obfuscation and does nothing more than put a little
>>> hurdle in the way of a cracker, and increases complexity. So
>>> what do you think: is this worthwhile as a security measure?
>> 
>> Here's a pretty good answer:
>> 
>> "SSH Password Gropers Are Now Trying High Ports" 
>> <http://it.slashdot.org/story/13/02/16/2129244/ssh-password-gropers-are-now-trying-high-ports>
>>
>>
>>
>> 
- --
>> Brad Knowles <brad at shub-internet.org> LinkedIn Profile: 
>> <http://tinyurl.com/y8kpxu>
>> 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQGcBAEBAgAGBQJRJnr4AAoJEMnf+vRw63ObDNYL/0sbEvQajUDOn1wpRJWukAAU
KRs/ZcqC1whqcey2S9AUHeiNrA2/EVX5E2k5SiCzFjICxw8/EnfglQXkmUFo3zP8
sY9KTysUlzc0yOf5kS64sQzjWjBOQHHkj7SlzkszFuQDAIPX9AwIh2mK78VJ8rzp
UkjvcMmi0+ZxIp6SP0Qygl4ElMvBUnFfB9ciCBDQhtRuM44NMiBH3ZemkfnisPyg
2bVq5fKAHPd5+g/P0JNy1neh4TCqP4r0bDRGjTvwB7XJRrhXtqxH0iL+Y1zIZCHC
bbfvkeyK2e4LHNhVuxerHoSqdEKjrhO4cRnA5tY+Winog82JAPax89aeHAmI+JrA
mEvE6hVyrm7/Rae6wmHAKvZwXBW34L6QlUA7i0czxO7KRjxfu4u2dVzLTfXqYY7s
O4607ziF/KFC1d95wjR6wI4xyKE1IqonVYqHX9/FjI80nxYV9QnYNKmTv1dAYH//
9JUIT0jVUY0xOq3V6Al8W84gH695MrOBLFmaXwiIkQ==
=JL6q
-----END PGP SIGNATURE-----


More information about the SATLUG mailing list