Woo-hoo! My first "blog post": "Number of Unauthorized Access Attempts: ZERO"
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
This post is addressed to "all of you folks who innocently deployed an Internet-facing server and who just-as-innocently hoped to use 'ssh, alone' to control access to it," and who are now being buried with "script-kiddies" who are trying to guess your passwords ... hundreds of times per second.
This post suggests how you can not only "stop them in their tracks," but actually disappear, completely(!) ... ... from their infernal Radar!
Just by implementing an idea that you use every day at work (while trying to hold your briefcase and your Starbucks® at the same time).
... and (oh yeah)another idea borrowed from the Dr. J R R Tolkein's Dwarf-Kings.
Enjoy™!
Last edited by sundialsvcs; 05-11-2017 at 03:41 PM.
From someone who has never set up a public-facing server (so excuse the naive question), how would you technically change between using ssh and openvpn if you're actually logged in to the system at the time using the ssh link provided by the server host? Would it not be like sawing off the branch you're sitting on?
I have a draft-project-in-progress blog post and learning experience myself, all about the benefits of using your LQ blog and how that use should complement, but not compete with LQ forum posts...
I think I just found another useful example to cite!
One comment: As you add new and useful blog posts, use categorization to organize them! I have found very little use of the blog categorization feature making the job of sifting other's blog posts an obscure task!
More! More!
Last edited by astrogeek; 05-11-2017 at 04:22 PM.
Reason: project, learning
From someone who has never set up a public-facing server (so excuse the naive question), how would you technically change between using ssh and openvpn if you're actually logged in to the system at the time using the ssh link provided by the server host? Would it not be like sawing off the branch you're sitting on?
From your description, it rather sounds to me like you are presuming a "shared hosting" scenario, where you are merely "buying time" on someone else's Linux box and you have no control over the actual machine. (All that you have is, as you say, "a SSH-link provided by the server host.") This is not my scenario.
("If you live in your own house, out in the country, you can put that new outhouse anywhere you please." However, "if you live in the city, you must poop where they let you!")
My scenario presumes that you are using a virtual machine, or a group of "containers," which is therefore entirely under your control.
Some shared-hosting companies are far-sighted enough to offer OpenVPN, but not too many. (Yet, why on earth are you using "shared hosting," anyway?)
Last edited by sundialsvcs; 05-12-2017 at 09:53 AM.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.