The Natural Philosopher  wrote:
> On 04/01/18 11:47, Axel Berger wrote:
> > Chris Green wrote:
> >> What do you mean by 'external LAN interface'?
> >
> > Your router does connect you to the Internet, doesn't ist? External
> > administration is so "convenient" and "comfortable" that it may be
> > offered by default and if not your security need not be worth much.
>
> No. External administration is not offered by defaukt on a second hand
> Cisco 527W
>
> >
> > On the other hand, getting at you that way will require knowledge and
> > effort. I expect you to be safe just because nobody as qualified would
> > consider it worth his time to look at your PI experiments. Now, if you
> > hosted a sizeable customer database there of ran a political website ...
> >
>
> Even there, its surprsinsing how resileinet one can be. I do run a very
> public websitre
>
> Have a look at what was happening in October...
>
> ...a massive increase in traffic TO the server...
>
> Till I got bored with the huge logs and firwalled out the fruitless
> attempts to log in as root with every possible password.
>
> Hint to hackers. Root login is in any case disallowed. Even with the
> roopt password.
>
> My point is that even with a relatively high profile and exposed machine
> that has sshd enabled to all comers, they couldnt hack the thing in a
> month of trying.
>
> Whereas I know of people with varoius 'web tools' like joomla who were
> hacked every few DAYS
>
Yes, it's amazing how many hits an open ssh port gets!  :-)

I have mine set up to only allow connections from two outside sites
where I have ssh login accounts.  Thus I connect from 'somewhere' to
one of these two accounts and then from there to my home system.

--
Chris Green
·

--- SoupGate-Win32 v1.05