On Tue, Sep 21, 2004 at 12:47:51PM +0100, Tim Green wrote:
On Tue, 21 Sep 2004 11:40:21 +0100, Chris Green chris@areti.co.uk wrote:
In the real world how vulnerable will these two be? Will I get incessant hacking at the open SSH port on the ipCop box trying to guess the password or will it just be the occasional port scan? Assuming the password is secure enough (i.e. unguessable enough and not published on the internet somewhere) will I be basically OK?
Just looking back in auth.log, I can see "61.166.6.60" in China tried to guess my root password 3 times at 23:43 last night and again at 06:58 this morning. Last week there were 8 attempts from Germany, Korea and China.
Thanks, that's just the sort of thing I wanted to know. So a good secure password should do most of what I need.
I may be able to limit the SSH access in particular to only certain client IP addresses but I want the IMAP to be accessible from anywhere. The IMAP server will probably only have two or three accounts on it and I will have control over passwords (though not where they're kept maybe).
I think you'll only frustrate yourself if you cannot SSH from anywhere.
In reality I woud be able to SSH from anywhere, but it would be via the ssh command line login I have where my web pages are hosted. I can set up my ipCop system to only allow ssh from there. (I actually have a couple of other ssh login accounts whose IP addresses I will allow as well, in case the hosting system is down for any reason).
Does anyone here have any experience of how vulnerable in reality such systems are? I'm not after Fort Knox, I just want things to be reasonably safe.
Especially since you want to access IMAP from anywhere, at least do it over a secure connection (ssh or ssl) so that you don't broadcast your password and email messages in the clear.
Aha, yes, a good reminder. I had been thinking of doing it via ssh and I'd forgotten this very good reason for doing it that way. Thanks!