Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
My office server is behind a router, which is configured with a static IP address and port 22 (SSH) is forwarded to the server. No other ports are being forwarded.
If I leave the system as-is, how vulnerable am I to an outside attack? I want to be able to log on to the server remotely, but I certainly don't want anyone else to gain access.
Also, if anyone has suggestions on how I can improve this setup, it would be greatly appreciated.
Does your router firewall off other ports besides 22? If so, you're relatively safe, so long as you're running a modern version of OpenSSH (some old versions, at lkeast 3.5 and below are vulnerable to exploits) and your router itself isn't vulnerable to anything. Also, do you have strong passwords on accounts on the server? There are numerous scanners which will try to login to a server via ssh by trying many user names and trivial passwords.
Security isn't a one time thing. You need to keep up with any vulnerabilities found in OpenSSH and your router. You also should consider setting up a host IDS such as Tripwire or AIDE.
Well, I don't know anything about the router "firewalling off other ports," but I know that only port 22 is listed for forwarding. And it is up-to-date with the latest firmware.
I do have Guarddog running on the server though, blocking basically every protocol except for SSH.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.