-   Linux - Security (
-   -   How safe am I? (

bad_andy 01-29-2005 10:11 AM

How safe am I?
My office server is behind a router, which is configured with a static IP address and port 22 (SSH) is forwarded to the server. No other ports are being forwarded.

If I leave the system as-is, how vulnerable am I to an outside attack? I want to be able to log on to the server remotely, but I certainly don't want anyone else to gain access.

Also, if anyone has suggestions on how I can improve this setup, it would be greatly appreciated.

btmiller 01-29-2005 01:05 PM

Does your router firewall off other ports besides 22? If so, you're relatively safe, so long as you're running a modern version of OpenSSH (some old versions, at lkeast 3.5 and below are vulnerable to exploits) and your router itself isn't vulnerable to anything. Also, do you have strong passwords on accounts on the server? There are numerous scanners which will try to login to a server via ssh by trying many user names and trivial passwords.

Security isn't a one time thing. You need to keep up with any vulnerabilities found in OpenSSH and your router. You also should consider setting up a host IDS such as Tripwire or AIDE.

bad_andy 01-29-2005 02:47 PM

Well, I don't know anything about the router "firewalling off other ports," but I know that only port 22 is listed for forwarding. And it is up-to-date with the latest firmware.

I do have Guarddog running on the server though, blocking basically every protocol except for SSH.

All times are GMT -5. The time now is 10:54 AM.