Re: [?] DYNDNS host vulnerability

Doug Mitton wrote:

All good ideas.  The point being is that there are many
solutions to the problem and you just need to fix or implement
those that are for your specific requirements.

At least Public Key authentication is easy to use. All you've to
do is generating a key pair, append the public key to the remote
site to $ACCOUNT_HOME/.ssh/authorized_keys2 and supply the
private key to ssh with the '-i'-option.

cut down on the error logs generated by script-kiddies. Also,
the alternate server ports resolves issues with ISP's who block
certain ports getting into their address space.

Then get a better ISP. You got your own IP, when connected to the
Internet, all ports on that IP will only affect you. As long
your ISP doesn't share the IP with you (what it hopefully won't
do) there's simply no reason to block traffic on certain ports.
Technically you got a crippled Internet access, then.

Look up the contract with the ISP, if there's anything in it,
about letting ports x-y only through if "the moon is full and
venus in the house of scropio" or similair. If not, then demand
uncrippled access. If your ISP denies, due to demands by the
RIAA, MPAA, etc. to block P2P traffic, tell him, that protocols
are not bound to ports, especially P2P protocols. And if I'm not
totally wrong, it's illegal in democratic countries to filter by
the content (which in the case means also protocol), even if
nowadays many politicians tell you otherwise. Such filtering
would definitely be censorship.

Wolfgang Draxinger
--
E-Mail address works, Jabber: hexarith@xxxxxxxxxx, ICQ: 134682867

.

Relevant Pages

  • Re: [?] DYNDNS host vulnerability
    ... Wolfgang Draxinger wrote: ... certain ports getting into their address space. ... Then get a better ISP. ... RIAA, MPAA, etc. to block P2P traffic, tell him, that protocols ...
    (comp.os.linux.networking)
  • Re: POTS in charge again
    ... Maybe, but they are your ISP, not your mum! ... Security is the responsibility ... The fact that security exploits occur on these ports or protocols ... BECAUSE these ports or protocols have a legitimate, ...
    (uk.telecom.broadband)
  • Re: My ISP closed some ports need help!
    ... then you need to get a different ISP. ... you will find you are *not allowed* to run server class software. ... They enforce this by inhibiting specific ports to flow ... To get access to server class ports, you need Server Class service agreement from the ISP. ...
    (comp.security.ssh)
  • Re: My ISP closed some ports need help!
    ... >> then you need to get a different ISP. ... They enforce this by inhibiting specific ports to flow ... >eg mapping your server ports into other numbers, ... or to provide network or host services to others via ...
    (comp.security.ssh)
  • Re: ISP port filtering
    ... ISP is in the wrong here? ... talkinggoat wrote: ... your new car, you would have to pay 20% more. ... these ports, it's the dealer that removes them. ...
    (microsoft.public.windows.server.sbs)