Re: [?] DYNDNS host vulnerability
- From: Doug Mitton <doug_mitton@xxxxxxxxxxxxx>
- Date: Sat, 23 Feb 2008 07:26:09 -0500
"Fr@nk Stef@ni" <fs@xxxxxxxxxxxxx> wrote:
> Andy Ruddock wrote:
>> Fr@nk Stef@ni wrote:
>>> Hello all,
>>> it's convenient to use a DYNDNS domain name like myhost.dyndns.org.
>>> I guess, though, that the host myhost.dyndns.org would be much
>>> more vulnerable as for crackers there is no need to watch out
>>> for a dynamic IP that changes every day (at least in Germany).
>>> Background: Every now and then I do some administration on a
>>> server of a friend via
>>> name@xxxxxxxxxxx
>>> It would be nice to do this instead via
>>> name@xxxxxxxxxxxxxxxxxxxxxxx
>>> so there would be no need to let me know which dynamic IP his
>>> router currently uses. This is what DYNDNS is supposed to do.
>>> Nevertheless, if a cracker tries to crack into a host, he
>>> would be happy not to care for dynamic IPs. Rather he would
>>> be happy to rework on "friends_host.dyndns.org" without
>>> caring for IP changes.
>>> Am I correct or did I miss something?
>>> If I were correct, weak login names and passwords would
>>> be no problem, even with ssh - right?
>>> Thanks and regards,
>>> Frank
>> What you're doing here is relying on security through obscurity - the
>> obscurity being that an attacker would be unable to follow your changing
>> IP from one day to the next, and hoping that he's unable to break in
>> during the 24-hour timeframe until your IP changes.
> My eyes opened up wide when I realized that the whole system's security
> relies on a single strong password - though we have firewall and crypted SSH.
> I guess, many systems worldwide are wide, wide open in this respect....
> Frank

That's one of the reasons why it is recommended that you configure your
system to not allow "root" to log in remotely. Now, it is a matter of
guessing a valid user ID as well as a password, THEN trying to guess
"root's" password.
I also use non-standard ports for my admin services as well as a
firewall rule to lock out multiple access attempts in a short period of
time.
--
------------------------------------------------
http://www3.sympatico.ca/dmitton
SPAM Reduction: Remove "x." from my domain.
------------------------------------------------
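
An added example, not part of the original post or thread: the lockout-on-repeated-attempts idea from the reply above, modelled as a sliding-window check over sshd log lines, with a count of failed logins aimed at root. The log lines, addresses, thresholds and function names are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sshd log lines (not from the thread); the addresses come from
# the documentation ranges 203.0.113.0/24 and 198.51.100.0/24.
SAMPLE_LOG = """\
Feb 23 07:00:01 gw sshd[411]: Failed password for root from 203.0.113.9 port 40112 ssh2
Feb 23 07:00:04 gw sshd[412]: Failed password for invalid user admin from 203.0.113.9 port 40113 ssh2
Feb 23 07:00:09 gw sshd[413]: Failed password for frank from 203.0.113.9 port 40114 ssh2
Feb 23 07:00:15 gw sshd[414]: Failed password for root from 203.0.113.9 port 40115 ssh2
Feb 23 07:03:00 gw sshd[420]: Failed password for frank from 198.51.100.7 port 51000 ssh2
Feb 23 07:09:30 gw sshd[431]: Failed password for frank from 198.51.100.7 port 51001 ssh2
Feb 23 07:20:00 gw sshd[440]: Accepted password for frank from 198.51.100.7 port 51002 ssh2
"""

FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+")

def lockouts(log_text, max_attempts=3, window=timedelta(seconds=60), year=2008):
    """Return {ip: time of the failure that exceeded max_attempts in window}."""
    recent = defaultdict(deque)  # ip -> failure timestamps still inside the window
    blocked = {}
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m or m["ip"] in blocked:
            continue
        # syslog timestamps carry no year, so the caller supplies one
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        q = recent[m["ip"]]
        q.append(ts)
        while ts - q[0] > window:  # forget failures older than the window
            q.popleft()
        if len(q) > max_attempts:
            blocked[m["ip"]] = ts
    return blocked

def root_attempts(log_text):
    """Count failed password logins aimed at root, per source address."""
    counts = defaultdict(int)
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if m and m["user"] == "root":
            counts[m["ip"]] += 1
    return dict(counts)
```

On the sample, the source with four failures in 14 seconds is locked out at its fourth attempt, while the source with two failures several minutes apart is not.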