> Don't spend too much time, as it's a waste. You will NOT see
> my MAC address. Not because I try to disguise it, but because
> it won't be available to you. That's simply how TCP/IP works.
There is one caveat to this, I if you are running a 802.11 wifi, the MAC is
sent in the packets and then
An option for ports that don't need to be open constantly (like 80 & 443) is to use net-misc/knockd.Portknocking allows a port to be opened on demand in response to a series of attempted port opens.There's a wiki page on it here:
http://gentoo-wiki.com/HOWTO_Port_Knocking.Note, if he is on the sam
On 7/6/06, Lord Sauron <[EMAIL PROTECTED]> wrote:
On 7/5/06, Ryan Tandy <[EMAIL PROTECTED]> wrote:
> Steven Susbauer wrote:
> >
> > On Wed, 5 Jul 2006, Ryan Tandy wrote:
> >
> >> Lord Sauron wrote:
> >>> If you can, what I'd do is try and get the guy's MAC Address or
> >>> something and then tota
Lord Sauron wrote:
> On 7/5/06, Alexander Skwar <[EMAIL PROTECTED]> wrote:
>> Lord Sauron wrote:
>> How should *THAT* help? In 99.999% of
>> the times, the attacker won't be on the same subnet, and thus the
>> MAC isn't available.
>
> Couldn't hurt.
Well, as it doesn'
On 7/5/06, Alexander Skwar <[EMAIL PROTECTED]> wrote:
Lord Sauron wrote:
> Sorry to be a bit elementary, but if you're not colocating your box,
> and you don't often use SSH, you might want to consider disabling
> remote administrative things.
Of course - disable everything, that you don't need.
On 7/5/06, Ryan Tandy <[EMAIL PROTECTED]> wrote:
Steven Susbauer wrote:
>
> On Wed, 5 Jul 2006, Ryan Tandy wrote:
>
>> Lord Sauron wrote:
>>> If you can, what I'd do is try and get the guy's MAC Address or
>>> something and then totally block that off. That's send him away right
>>> quickly. I
Lord Sauron wrote:
Sorry to be a bit elementary, but if you're not colocating your box,
and you don't often use SSH, you might want to consider disabling
remote administrative things.
Of course - disable everything, that you don't need. ESPECIALLY, if it
is reachable over the network.
All you
Steven Susbauer wrote:
On Wed, 5 Jul 2006, Ryan Tandy wrote:
Lord Sauron wrote:
If you can, what I'd do is try and get the guy's MAC Address or
something and then totally block that off. That's send him away right
quickly. I don't know enough to know if that'd be totally possible,
but if th
On Wed, 5 Jul 2006, Ryan Tandy wrote:
> Lord Sauron wrote:
> > If you can, what I'd do is try and get the guy's MAC Address or
> > something and then totally block that off. That's send him away right
> > quickly. I don't know enough to know if that'd be totally possible,
> > but if the guy is
Lord Sauron wrote:
If you can, what I'd do is try and get the guy's MAC Address or
something and then totally block that off. That's send him away right
quickly. I don't know enough to know if that'd be totally possible,
but if the guy isn't terribly intelligent, that'll send him packing.
net
Sorry to be a bit elementary, but if you're not colocating your box,
and you don't often use SSH, you might want to consider disabling
remote administrative things.
All your Windoze "friend" will try to do is exploit MySQL to pop a DOS
shell into your system. It's an older trick, however, it wor
Alexander Skwar wrote:
Ryan Tandy wrote:
you're running a firewall of some kind (and you'd be crazy not to for
any publically accessible box),
Actually, I'd disagree. If only the necessary publicly accessible services
are running on a box, what good should a "firewal" (I suppose you mean
pack
On 7/5/06, Alexander Skwar <[EMAIL PROTECTED]> wrote:
Trenton Adams wrote:
> I would move ssh to a very high port number of your choice. Most ssh
> port scanners do not bother checking anything other than port 22, as
> it is too time consuming. I have not had any weird hits on my ssh
> port in
and to add another (a biggy!)
defence in depth: if something goes wrong, its another barrier in the
way of the troublemakers. What can go wrong?:
1. redhat used to install an anonymous ftp server by default (years
back). Came in the next morning to the sysadmin swaring about traffic,
its the on
Alexander Skwar <[EMAIL PROTECTED]> wrote:
> ... If I were a
> script kiddie, I wouldn't bother looking at normally open
> ports. But if there's something strange like 65350, I *would*
imho, if someone wants to attack your server, he will scan
all ports and will try to find which apps are using
Trenton Adams wrote:
> I would move ssh to a very high port number of your choice. Most ssh
> port scanners do not bother checking anything other than port 22, as
> it is too time consuming. I have not had any weird hits on my ssh
> port in years. It was hammered daily, even with attempted login
Alexander Skwar <[EMAIL PROTECTED]> wrote:
> > you're running a firewall of some kind (and you'd be crazy not to for
> > any publically accessible box),
>
> Actually, I'd disagree. If only the necessary publicly accessible
> services
> are running on a box, what good should a "firewal" (I suppo
Grant wrote:
> It has come to my attention that a particular person I know may be
> intent on attacking my server/website in any way possible. He doesn't
> know much about Linux but does know Windows. What kind of things
> should I lock down to protect my remote hosted server? I don't have
> tim
I would move ssh to a very high port number of your choice. Most ssh
port scanners do not bother checking anything other than port 22, as
it is too time consuming. I have not had any weird hits on my ssh
port in years. It was hammered daily, even with attempted logins and
such, with it running
Ryan Tandy wrote:
> you're running a firewall of some kind (and you'd be crazy not to for
> any publically accessible box),
Actually, I'd disagree. If only the necessary publicly accessible services
are running on a box, what good should a "firewal" (I suppose you mean
packet filter, like iptabl
On Tue, 4 Jul 2006 15:56:02 -0700
Grant <[EMAIL PROTECTED]> wrote:
> It has come to my attention that a particular person I know may be
> intent on attacking my server/website in any way possible. He doesn't
> know much about Linux but does know Windows. What kind of things
> should I lock down
Grant wrote:
It has come to my attention that a particular person I know may be
intent on attacking my server/website in any way possible. He doesn't
know much about Linux but does know Windows. What kind of things
should I lock down to protect my remote hosted server? I don't have
time to get
It has come to my attention that a particular person I know may be
intent on attacking my server/website in any way possible. He doesn't
know much about Linux but does know Windows. What kind of things
should I lock down to protect my remote hosted server? I don't have
time to get too crazy wit
23 matches
Mail list logo
