On Thursday 12 January 2012 18:56:04 Bennett Haselton wrote:
> Or is there a reason that an exploit against OpenVPN would be less
> powerful than an exploit against sshd?
Not really.
The thing is that the tools are there but you have to use them *CORRECTLY*
The OpenVPN server and the SSH server you are trying to access should be in *different* machines. Like web servers, app servers and databases are separete:
http server
|
|
|
app server
|
|
|
mysql server
Same structure works for openvpn and ssh ;)
Regards
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
Re: defense-in-depth possible for sshd?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: centos@xxxxxxxxxx
- Subject: Re: defense-in-depth possible for sshd?
- From: Marc Deop <damnshock@xxxxxxxxx>
- Date: Fri, 13 Jan 2012 10:51:19 +0100
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <4F0F9D44.7080902@peacefire.org>
- User-agent: KMail/4.7.4 (Linux/3.1.8-1-ARCH; KDE/4.7.4; x86_64; ; )
- References:
- defense-in-depth possible for sshd?
- From: Bennett Haselton
- Re: defense-in-depth possible for sshd?
- From: Johnny Hughes
- Re: defense-in-depth possible for sshd?
- From: Bennett Haselton
- defense-in-depth possible for sshd?
- Prev by Date: SELinux and rsh+xauth
- Next by Date: LSI/3ware 9750-4i and multipath I/O
- Previous by thread: Re: defense-in-depth possible for sshd?
- Next by thread: Re: defense-in-depth possible for sshd?
- Index(es):
 |