Date: Fri, 11 Aug 2006 03:06:55 -0400 From: beno <zope@2012.vi> To: Olivier Nicole <on@cs.ait.ac.th>, freebsd-questions@freebsd.org Subject: Re: Finding IP Addresses (OT) Message-ID: <44DC2C8F.3020002@2012.vi> In-Reply-To: <200608110202.k7B22Er7052574@banyan.cs.ait.ac.th> References: <44DB7888.6080807@2012.vi> <200608110202.k7B22Er7052574@banyan.cs.ait.ac.th>
next in thread | previous in thread | raw e-mail | index | archive | help
Olivier Nicole wrote: > I'd advise you not to filter SSH by IP, that would be the best way to > lock you out of your server. > I did that once :) No fun! But I'll be much more careful this time! > Even if you find all the IP used by your ISP, you cannot predict when > the IP range will change, and it DOES change. > Hmmm. Worst-case scenario, the server farm would have access. Thinking... > If you limit the IP that can SSH to your server, you will not be able > to login when you are traveling and some urgent administration task > need to be performed. And the most urgent tasks must often be > performed when traveling... > I *never* travel! I live in paradise, my needs are minimal and satisfied, and I have no reason to travel :) > Set a strong password to your account (8+ characters, using letters up > and lower case, numbers and punctuation signs), do not allow SSH to > root account, enforce using sudo instead of su. > Never heard of sudo before. Looking it over, I don't understand how that would be beneficial in my case, since I'm the only one who really does anything on the machine. I could and should set it up for those occasions when I have others go in, however. Comments? TIA, beno
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44DC2C8F.3020002>