nanog mailing list archives
Re: a record?
From: "Patrick W. Gilmore" <patrick () ianai net>
Date: Tue, 15 Nov 2005 14:02:01 -0500
On Nov 15, 2005, at 12:52 PM, Church, Chuck wrote:
Isn't it just good security practice to limit telnet/SSH access to onlya few choice hosts/subnets? I know I'd never allow the 0/0 net access to a signon screen, even if it is SSH. If you're on vacation and needto access something, call your NOC, and have them temporarily allow yourdynamic address for SSH. When a hacker finds an open SSH host, theythink two things - This host is important to someone, and that they needmore doughnuts...
That is an excellent idea. As soon as I hire a NOC for my personal boxes, I'll get right on that. But, since I Am Not An Isp, I doubt that is going to happen soon.
Remember, not every box on the Internet is supported by a whole network of resources (physical and human).
-- TTFN, patrick
Current thread:
- Re: a record?, (continued)
- Re: a record? Dan Hollis (Nov 14)
- Re: a record? Randy Bush (Nov 14)
- Re: a record? Peter Dambier (Nov 14)
- Re: a record? william(at)elan.net (Nov 14)
- Re: a record? Matthew Sullivan (Nov 14)
- Re: a record? Frank Louwers (Nov 15)
- Re: a record? John Levine (Nov 15)
- Re: a record? Matthew Sullivan (Nov 18)
- Re: a record? Eric Rescorla (Nov 18)
- Re: a record? william(at)elan.net (Nov 14)
- Re: a record? Patrick W. Gilmore (Nov 15)
- Re: a record? Alexei Roudnev (Nov 19)
- Re: a record? Austin McKinley (Nov 19)
- Re: a record? Suresh Ramasubramanian (Nov 19)
- Re: a record? Alexei Roudnev (Nov 19)
- Re: a record? Suresh Ramasubramanian (Nov 19)
- Re: a record? Sean Donelan (Nov 19)
- Re: a record? Elmar K. Bins (Nov 20)
- Re: a record? Patrick W. Gilmore (Nov 20)
- Re: a record? Alexei Roudnev (Nov 20)
- Re: a record? Elmar K. Bins (Nov 20)