I'm wondering what are the relative risks of the different ports I have opened up on my firewall.
Currently the ports I have open are:-
22 - ssh (but limited to only allowing two IP addresses to connect) 80 - http 25 - smtp 873 - rsync (not sure if I actually use this now, must check!)
I'm considering what the risks of opening up port 443 (https) are to use with shellinabox and ssh. This would allow ssh from a web browser anywhere into my desktop machine (in addition to https access to the apache server of course), is this a significantly bigger risk than the limited ssh access that I have now?
My thinking is that the port 443 access to ssh *is* significantly riskier than my existing ssh access, however I'm not sure if I'm being overly paranoid given that I already have open access on port 80 to my web server.
What I'm really asking is whether worrying about open ssh access (with a good secure password) is a bit irrelevant given that port 80 is open to web browsers? Or is the damage that could be done if someone *does* guess my password (or it gets out by some other means, quite possible) for ssh much worse than anything using a browser/apache exploit?
Any/all help appreciated, including ways that I could limit the shellinabox access to specific clients. As it is the client I'm thinking of is my Kindle but nothing at the shellinabox end can see anything to do with the Kindle because the proxying in between effectively anonymises the connection.