[kwlug-disc] Tightening up SSH
Lori Paniak
ldpaniak at fourpisolutions.com
Mon Jul 19 10:56:50 EDT 2010
On Mon, 2010-07-19 at 10:50 -0400, Darcy Casselman wrote:
> On Mon, Jul 19, 2010 at 10:44 AM, Lori Paniak
> <ldpaniak at fourpisolutions.com> wrote:
> > I tend to agree with Dave. If you have a small, definite number of
> > remote clients who need external access to your system (your laptop,
> > phone ...), run something like OpenVPN. Then you can close all open
> > (tcp) ports and disappear from scans. Having open ports advertises that
> > your system is there and a target for unknown, upcoming vulnerabilities
> > whether they are on port 22 or elsewhere.
> >
> >
> > OpenVPN also brings additional features to the table that ssh doesn't
> > without a lot of futzing around eg. extend your LAN to remote clients
>
> Is there someone around who can do an OpenVPN presentation? I looked
> at it once and gave it up as incomprehensible. I've been waiting for
> Steve Gibson to do his OpenVPN episode on Security Now for five years
> (and stopped listening in the meantime). Seems to me there ought to
> be a better way.
>
> Darcy.
Sounds like a presentation? I should be able to put something together
for next year. OpenVPN is a very flexible, robust tool that deserves
advertising.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20100719/227704b9/attachment.sig>
More information about the kwlug-disc
mailing list