Am Mittwoch, 10. September 2008 20:03:08 schrieb Andrei Popescu: > On Wed,10.Sep.08, 19:50:04, Dexter Filmore wrote: > > I use a virtual machine for support and have my router forward ssh there. > > Something simple with fluxbox or even no X at all, should fit a 32MB VM > > and come up within a blink of an eye. For extra paranoia you can revert > > to a clean snapshot after finishing the session. > > So if the VM isn't up Joe Random Hacker can scan port 22 all day. > > That's a very nice idea, I had totally forgotten about the > virtualization technologies available in Debian. > > Regards, > Andrei
Extra paranoia: forward a different port than 22, lets say 2222(inet) to 22 (lan/vm) and conf the client script to connect to that port. reduces port 22 attacks a great deal. Port knocking perhaps? -- -----BEGIN GEEK CODE BLOCK----- Version: 3.12 GCS d--(+)@ s-:+ a C++++ UL++ P+>++ L+++>++++ E-- W++ N o? K- w--(---) !O M+ V- PS+ PE Y++ PGP t++(---)@ 5 X+(++) R+(++) tv--(+)@ b++(+++) DI+++ D- G++ e* h>++ r* y? ------END GEEK CODE BLOCK------ http://www.vorratsdatenspeicherung.de -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
