[kwlug-disc] Tightening up SSH

Lori Paniak ldpaniak at fourpisolutions.com
Mon Jul 19 10:56:50 EDT 2010


On Mon, 2010-07-19 at 10:50 -0400, Darcy Casselman wrote:
> On Mon, Jul 19, 2010 at 10:44 AM, Lori Paniak
> <ldpaniak at fourpisolutions.com> wrote:
> > I tend to agree with Dave.  If you have a small, definite number of
> > remote clients who need external access to your system (your laptop,
> > phone ...), run something like OpenVPN.  Then you can close all open
> > (tcp) ports and disappear from scans.  Having open ports advertises that
> > your system is there and a target for unknown, upcoming vulnerabilities
> > whether they are on port 22 or elsewhere.
> >
> >
> > OpenVPN also brings additional features to the table that ssh doesn't
> > without a lot of futzing around eg. extend your LAN to remote clients
> 
> Is there someone around who can do an OpenVPN presentation?  I looked
> at it once and gave it up as incomprehensible.  I've been waiting for
> Steve Gibson to do his OpenVPN episode on Security Now for five years
> (and stopped listening in the meantime).  Seems to me there ought to
> be a better way.
> 
> Darcy.

Sounds like a presentation?  I should be able to put something together
for next year.  OpenVPN is a very flexible, robust tool that deserves
advertising. 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://astoria.ccjclearline.com/pipermail/kwlug-disc_kwlug.org/attachments/20100719/227704b9/attachment.bin>


More information about the kwlug-disc_kwlug.org mailing list