Quote:
Originally Posted by blue68f100
Security,
I can't express this enough. Use the strongest PW (using all printable chr, 12+chr long) at all times on all accounts exposed to the www. I had them testing with different common names to gain access too.
I have a list of about 6 web hosting sites/countries that were trying to hack in to my 4500 FTP server when exposed. I just added their complete subnets to be blocked. Once I did that all hacking went away. You can also raise the time between failure to a large time to deter constant hacking. Also it's advised that you use a non std port for access. This will hide it from most all sniffers. I would also suggest that you use strong passwords on all out access. Set min req on passwords to make them all strong. If it's for your access only setup and use a VPN Endpont router, this will give you full access to your network, with all traffic encrypted.
|
Ahhh you interest me Blue68f100!!!!
How exactly did you edit the subnets and change the ports? Are you referring to using a router between the Snap & the net? If NOT, oh pretty please with sugar on top tell me WHERE you go to edit these things in Guardian OS.
I use RemotelyAnywhere for server maint and have for many years... in that I can prune subnets, etc and have the failed attempts to 5 with a 365 day ban. Of course I have several systems that I can access through a different IP and take over the server via a local IP and clear the entry if I screwed up somehow, but I am totally lost when it comes to linux editing..... and for that matter, not too hot on the Guardian OS either!
Thanks for the reply!