[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Portsentry question and SSH question
- Subject: Re: [cobalt-users] Portsentry question and SSH question
- From: "Kevin D" <kdlists@xxxxxxxxxxxxxxx>
- Date: Mon Mar 5 15:05:45 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
From: "Rodolfo Paiz" <rpaiz@xxxxxxxxxxxxxx>
> > 1 - Portsentry Question: Our server is remote (5000 miles away). If I
> > install portsentry, what are the chances of getting accidently cut
> > off from my own server. I have cable access where I am and the IP
Anyone who shares your cable DHCP pool might trigger portsentry on your
server. All it takes is one reboot of your cable connection and you could be
locked out.
> 1. Be very careful what ports you connect to on your server. :)
This is not very practical - what if I want to port scan my server regularly
to check for trojans?
> 2. I *only* talk to my server on...
You should be portscanning your server on a regular basis as part of your
instrusion detection plan.
> 3. Make sure you have a dial-up Internet account. That way, if you lock
> yourself out on your cable modem IP, you can dial into your ISP
Not a bad idea, but you will have to keep track of your cable IPs all the
time. Also, you suffer from the same problem that I mentioned above - you
might share your DHCP pool with a hacker who has been locked out of your
server by portsentry. Thus, you dialup, and find yourself blocked anyway.
Your best bet is to get a static IP connection (dialup, DSL, frame relay).
Your second best bet is to tell portsentry to ignore your entire cable modem
DHCP pool (which is probably one class C network - check with your cable
provider, they *might* give you this info).
Kevin