On Sun, Jul 17, 2011 at 12:03:52AM +0100, Always Learning wrote:
>
> If using SSH, FTP, phpmyadmin etc. etc. then DO NOT use the standard
> ports. Allocate a different IP address (if you have several) and use a
> non-web IP address for SSH and a different non-web IP address for
> phpmyadmin etc. WITH non-standard ports (you can go as high as about
> 64000). Also consider ONLY allowing access from predefined static IP
> addresses (under your control). Do not make it easy for the hackers.

The reality of the situation is that attacks are in almost all cases
non-targeted and are the results of automated scanning; playing security
through obscurity tricks with IP addresses is as futile as attempting to
herd kittens.

You should not be running ftp at all; ftp should be allowed to die off
as it's insecure just as is any protocol that transits credentials on
the wire in plaintext. ftps is better; sftp/scp/rsync is better still.

phpmyadmin is a recipe for tears of blood; moving ports is better than
leaving it on 80/tcp, but better would be to not run it at all on a
routable IP.

In the cases of a targeted attack the attacker(s) will find your
services no matter what ports you have them hanging off of.

And TCP port numbers range from 0 to 65535.

John
--
The First Law of Holes: "It is a good thing to follow the First Law of
Holes: if you are in one, stop digging." - Denis Healy
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
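
Added example, not part of the message above or of any CentOS tooling: a listener audit that applies the reply's two checks, flagging any FTP listener and any admin service bound to a routable or wildcard address, whatever port it was moved to. The `ss -tlnH` sample, the `ADMIN_PORTS` table and port 8081 for phpMyAdmin are constructed assumptions.

```python
import ipaddress

# Constructed sample of `ss -tlnH` output (not taken from a real host).
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 32 203.0.113.10:21 0.0.0.0:*
LISTEN 0 80 127.0.0.1:3306 0.0.0.0:*
LISTEN 0 128 203.0.113.10:8081 0.0.0.0:*
LISTEN 0 128 [::1]:631 [::]:*
LISTEN 0 128 10.0.0.5:8080 0.0.0.0:*
LISTEN 0 128 *:443 *:*
"""

# Assumption: ports on which this hypothetical host serves admin-only tools.
ADMIN_PORTS = {3306: "MySQL", 8081: "phpMyAdmin vhost moved off 80/tcp"}

# Loopback, RFC 1918, link-local and IPv6 unique-local ranges.
NON_ROUTABLE = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10")]

def exposure(host):
    """Classify a bind address as 'wildcard', 'routable' or 'internal'."""
    host = host.strip("[]").split("%")[0]      # drop brackets and zone id
    if host in ("*", "0.0.0.0", "::"):
        return "wildcard"                      # bound on every interface
    addr = ipaddress.ip_address(host)
    return "internal" if any(addr in n for n in NON_ROUTABLE) else "routable"

def audit(ss_output):
    """Return (host, port, finding) tuples for listeners worth fixing."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        host, _, port = fields[3].rpartition(":")
        port = int(port)
        if port == 21:
            # Credentials cross the wire in plaintext on any address.
            findings.append((host, port, "plaintext-ftp"))
        elif port in ADMIN_PORTS and exposure(host) != "internal":
            # A non-standard port does not help: the bind address is the issue.
            findings.append((host, port, "admin-exposed"))
    return findings

if __name__ == "__main__":
    for host, port, finding in audit(SAMPLE_SS):
        print(f"{host}:{port} {finding}")
```

On a live host, feed it the output of `ss -tlnH` and adjust `ADMIN_PORTS` to match what is actually deployed.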