SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Even if the OP scanned his own conf, would you explain to me how can somebody can break in without knowing his WAN IP ? Its like I give you my house keys but you have to figured out in which part of the world I live, and that would be impossible.
I'm not sure why you felt it necessary to ask this on a thread that's almost 2 years old, but it doesn't matter if the WAN IP isn't known. Lots of people scan lots of IPs for open ports. If someone finds port 623 open on an IP, then they could look at finding a way to exploit it.
With your house analogy, imagine that the person who has your keys can check 1000s of houses a minute, exponentially more if they have a botnet (make copies of keys and lets others check 1000s of houses a minute).
With computers, with a limited number of IPs, nothing is impossible. It just takes time. I get ssh attempts on my IP all the time, and I don't have my IP posted publically, and I don't have my dynamic DNS name posted publically either. My public sites are hosted on a separate network and my dynamic DNS is only for me to access my local network. So there is no way a hacker found my machine from me posting it somewhere publically. They scanned a bunch of IPs and found a port open on my computer and then attempt to exploit that. Luckily, since I have root access disabled from ssh, they'd have to guess my username and password. It still isn't the most secure since I can change the port or disable passwords, but it is a choice I make knowingly.
If you don't think that a hacker can find you without you posting your public IP, you are sadly mistaken.
Click here to see the post LQ members have rated as the most helpful post in this thread.
I'm not sure why you felt it necessary to ask this on a thread that's almost 2 years old, but it doesn't matter if the WAN IP isn't known. Lots of people scan lots of IPs for open ports. If someone finds port 623 open on an IP, then they could look at finding a way to exploit it.
With your house analogy, imagine that the person who has your keys can check 1000s of houses a minute, exponentially more if they have a botnet (make copies of keys and lets others check 1000s of houses a minute).
With computers, with a limited number of IPs, nothing is impossible. It just takes time. I get ssh attempts on my IP all the time, and I don't have my IP posted publically, and I don't have my dynamic DNS name posted publically either. My public sites are hosted on a separate network and my dynamic DNS is only for me to access my local network. So there is no way a hacker found my machine from me posting it somewhere publically. They scanned a bunch of IPs and found a port open on my computer and then attempt to exploit that. Luckily, since I have root access disabled from ssh, they'd have to guess my username and password. It still isn't the most secure since I can change the port or disable passwords, but it is a choice I make knowingly.
If you don't think that a hacker can find you without you posting your public IP, you are sadly mistaken.
Exactly! so whats the deal with sharing your ports and internal IPs ? If you have a good setup like indeed deny root access in your ssh conf and a good configured firewall there is nothing to worry about. I also own a server open to the public and I constantly see in the auth.log bots trying to access random ports with root as user, I perfectly know.
Exactly! so whats the deal with sharing your ports and internal IPs ? If you have a good setup like indeed deny root access in your ssh conf and a good configured firewall there is nothing to worry about. I also own a server open to the public and I constantly see in the auth.log bots trying to access random ports with root as user, I perfectly know.
This post as well as your previous one is irrelevant as this thread is certainly viewed by many people not aware of the means to secure their connections. These people could think from what you first wrote that keeping ports open don't put their system at risk, even if they didn't take any safety measure. You are giving this audience a disservice.
Furthermore there was no point quoting a post more than three years old.
Last edited by Didier Spaier; 07-10-2015 at 10:17 AM.
Exactly! so whats the deal with sharing your ports and internal IPs ? If you have a good setup like indeed deny root access in your ssh conf and a good configured firewall there is nothing to worry about. I also own a server open to the public and I constantly see in the auth.log bots trying to access random ports with root as user, I perfectly know.
The point of the post you originally quoted is it is a bad idea for manufacturers to just leave ports like this open without somehow notifying customers and you responded basically saying, "Who cares, since you don't have the WAN IP?" That is what prompted my response, because it shouldn't matter if you have the WAN IP or not. Manufacturers should do their best to ensure an item is relatively secure when first started, which as this topic showed, wasn't the case here.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
