[SATLUG] Questions about home server security: non-standard ports
dkowis at shlrm.org
Thu Feb 21 13:52:24 CST 2013
-----BEGIN PGP SIGNED MESSAGE-----
On 02/17/2013 06:52 PM, Alex Bartonek wrote:
> netstat -lnptu
> start cleaning up there..
> I know this isnt Solaris, but here is a cron script I have running
> every morning. Sends me an email of a few log files for my
> perusal. I have another script that sends me a status of my disks
> (space, errors etc) also.
Is there a logwatch for solaris? That might cover your bases as well.
It can get too noisy, and so isn't quite as good as having nagios
watch for things or something like that, as well it doesn't provide
you a very good trending analysis so you can see when spikes of
activity happen, but it does mail you a summary of log events nicely
> It can be expanded on and stuff.. YMMV.
> --- On Sun, 2/17/13, Don Davis <dondavis at reglue.org> wrote:
> From: Don Davis <dondavis at reglue.org> Subject: Re: [SATLUG]
> Questions about home server security: non-standard ports To:
> satlug at satlug.org Date: Sunday, February 17, 2013, 11:54 AM
> Good article. He also recommends using ssh keys, which may have
> been drowned out in the furor about non-standard ports.
> I like the comments and I'm with Dan: "I moved ssh to a
> non-standard port merely to reduce the traffic in my logs. It
> permits ssh-key only. No password logins accepted."
> On 02/17/2013 10:02 AM, Brad Knowles wrote:
>> On Feb 15, 2013, at 1:28 PM, Frank Huddleston
>> <fhuddles at gmail.com> wrote:
>>> Thanks for the suggestions about security on a home server. I
>>> see that one thing people do is use non-standard ports. I have
>>> done that myself, but get the feeling that it's just security
>>> through obfuscation and does nothing more than put a little
>>> hurdle in the way of a cracker, and increases complexity. So
>>> what do you think: is this worthwhile as a security measure?
>> Here's a pretty good answer:
>> "SSH Password Gropers Are Now Trying High Ports"
>> Brad Knowles <brad at shub-internet.org> LinkedIn Profile:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
-----END PGP SIGNATURE-----
More information about the SATLUG