[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: MORE SSH Hacking: heads-up

From: "Scot L. Harris" <webid cfl rr com>
To: For users of Fedora Core releases <fedora-list redhat com>
Subject: Re: MORE SSH Hacking: heads-up
Date: Sun, 01 Aug 2004 13:28:18 -0400

On Sun, 2004-08-01 at 12:38, Jim Cornette wrote:
> Thanks for the tips on seting up remote users and using keys on critical 
> systems.
> 
> I used SSH only to get into a test machine w/ a crashing X. It seemed 
> extremely easy to get into the other computer. I knew the other 
> passwords to the computer I logged into, but still an easy process. I 
> didn't seem to be a real safe process w/ passwords allowed.
> 
> I don't normally  use SSH for my own computer systems. Transferring 
> files to one computer to another is more my use for remote machines. SSH 
> might be useful for remote admin, but walking to the other machine is 
> just as easy in a home network.
> 
> Thanks!
> 
> Jim

Another trick that can be used is port knocking.  Pretty neat idea. 
Send a series of connection attempts on different ports.  Software on
the server monitors the log files and when it sees the correct sequence
it opens up the port your application connects on.  Kind of a
combination lock for your server.

fwknop is one implementation of this.  

-- 
Scot L. Harris
webid cfl rr com

your keyboard's space bar is generating spurious keycodes.

References:
- Re: MORE SSH Hacking: heads-up
  - From: David L Norris
- Re: MORE SSH Hacking: heads-up
  - From: Jim Cornette

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]