[kwlug-disc] Tightening up SSH

Darcy Casselman dscassel at gmail.com
Mon Jul 19 10:50:06 EDT 2010


On Mon, Jul 19, 2010 at 10:44 AM, Lori Paniak
<ldpaniak at fourpisolutions.com> wrote:
> I tend to agree with Dave.  If you have a small, definite number of
> remote clients who need external access to your system (your laptop,
> phone ...), run something like OpenVPN.  Then you can close all open
> (tcp) ports and disappear from scans.  Having open ports advertises that
> your system is there and a target for unknown, upcoming vulnerabilities
> whether they are on port 22 or elsewhere.
>
>
> OpenVPN also brings additional features to the table that ssh doesn't
> without a lot of futzing around eg. extend your LAN to remote clients

Is there someone around who can do an OpenVPN presentation?  I looked
at it once and gave it up as incomprehensible.  I've been waiting for
Steve Gibson to do his OpenVPN episode on Security Now for five years
(and stopped listening in the meantime).  Seems to me there ought to
be a better way.

Darcy.



More information about the kwlug-disc_kwlug.org mailing list