[86722] in North American Network Operators' Group
Re: a record?
daemon@ATHENA.MIT.EDU (Patrick W. Gilmore)
Tue Nov 15 14:02:38 2005
In-Reply-To: <B6621ED4D0AD394BBA73CA657DFD89767B6252@MSPEXBE01.wamnet.inc>
Cc: "Patrick W. Gilmore" <patrick@ianai.net>
From: "Patrick W. Gilmore" <patrick@ianai.net>
Date: Tue, 15 Nov 2005 14:02:01 -0500
To: nanog@nanog.org
Errors-To: owner-nanog@merit.edu
On Nov 15, 2005, at 12:52 PM, Church, Chuck wrote:
> Isn't it just good security practice to limit telnet/SSH access to
> only
> a few choice hosts/subnets? I know I'd never allow the 0/0 net access
> to a signon screen, even if it is SSH. If you're on vacation and need
> to access something, call your NOC, and have them temporarily allow
> your
> dynamic address for SSH. When a hacker finds an open SSH host, they
> think two things - This host is important to someone, and that they
> need
> more doughnuts...
That is an excellent idea. As soon as I hire a NOC for my personal
boxes, I'll get right on that. But, since I Am Not An Isp, I doubt
that is going to happen soon.
Remember, not every box on the Internet is supported by a whole
network of resources (physical and human).
--
TTFN,
patrick
