25 Oct
2016
25 Oct
'16
6:56 p.m.
Personally, I also have the system account on my rsx systems setup to not allow logins
over the net. Local users only...
Johnny
Fred <fcoffey at misernet.net> skrev: (25 oktober 2016 18:54:20 CEST)
On Tue, 25 Oct 2016, Johnny Billquist wrote:
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
While I certainly think that it does good for
your nerves, I really
consider
that to just be security through obscurity.
Alternate ports is not
really any
protection. But it do reduce the noise.
I can understand people who don't like telnet. Cleartext passwords
certainly
are not fun.
However, I'm not about to implement ssh for RSX quite yet... So
telnet it is.
:-)
After I noticed quite a few attempts on SYSTEM on MISER:: I now have
two
passwords set. The scripts seemed to be confused by the second
password
prompt, and intrusion detection gets them long before ... so they don't
even know if they are guessing wrong/right/indifferent.
I am still thinking about turning off telnet though ... I occasionally
use
it as a back door in case I lock myself out of my main ssh system.
(which
with the protections I have on there I have accidentally done it to
myself
once or thrice. :)
Fred