On Thu, 27 Dec 2007 11:10:47 -0800
"Daniel B. Thurman" <dant@xxxxxxxxx> wrote:

> Does anyone have any advice, links to great sites focused on security
> and how to secure your linux box against intrusions and attacks?

Well, what I'm doing is this:

1. My system is hooked to an external router/firewall combo with only
   port 22 (sshd) open and forwarded to it.

2. My sshd_config file is set up to disable all forms of authentication
   except for public key, and the only valid public key file is
   encrypted on my system at work (with a passphrase only I know that
   isn't written down anywhere).

3. My /etc/hosts.allow and /etc/hosts.deny files are set up so that only
   the IP address of my work system (or the address it appears to have
   after it gets through the corporate firewall) is allowed to ssh in.

This winds up with a few lines like this appearing in the security log
every day:

    sshd[14989]: refused connect from u16-159.static.grapesc.cz (::ffff:82.100.16.159)

Of course, this all works for me where I just want to be able to get
into my home system from work, and don't have a public server I actually
want folks to access. If I need anything more than ssh, I can always use
port forwarding through ssh to get to other things.

One other gimmick: Within my local network at home, I don't want such
restrictions as only public key, so with the latest sshd in Fedora 8, I
can use a "Match" directive to allow more kinds of authentication within
my local home network.
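
An added example, not part of the original message: a small Python model of how sshd chooses the authentication methods for a client address under the setup described above (public key only globally, with a "Match" block relaxing that for the home network). The sample sshd_config, the 192.168.1.* LAN pattern and the 203.0.113.10 outside address are constructed assumptions, and only "Match Address" is modelled.

```python
import fnmatch
import ipaddress

# Constructed sshd_config; the LAN pattern 192.168.1.* is an assumed placeholder.
SAMPLE_CONFIG = """\
PubkeyAuthentication yes
PasswordAuthentication no
ChallengeResponseAuthentication no
GSSAPIAuthentication no
HostbasedAuthentication no

Match Address 192.168.1.*
    PasswordAuthentication yes
"""

# keyword -> (method name, OpenSSH default when the keyword is absent)
AUTH_KEYWORDS = {
    "pubkeyauthentication": ("publickey", "yes"),
    "passwordauthentication": ("password", "yes"),
    "challengeresponseauthentication": ("keyboard-interactive", "yes"),
    "gssapiauthentication": ("gssapi-with-mic", "no"),
    "hostbasedauthentication": ("hostbased", "no"),
}

def address_matches(patterns, addr):
    """True if addr matches any comma-separated glob or CIDR (no negation)."""
    ip = ipaddress.ip_address(addr)
    return any(
        ip in ipaddress.ip_network(p, strict=False) if "/" in p else fnmatch.fnmatchcase(addr, p)
        for p in patterns.split(","))

def allowed_methods(config_text, client_addr):
    """Model sshd: a matching Match block overrides globals; first value wins."""
    global_opts, match_opts, in_match, active = {}, {}, False, False
    for raw in config_text.splitlines():
        parts = raw.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        keyword, value = parts[0].lower(), (parts[1] if len(parts) > 1 else "")
        if keyword == "match":
            crit = value.split(None, 1)  # only "Match Address <patterns>" is modelled
            in_match = True
            active = len(crit) == 2 and crit[0].lower() == "address" and address_matches(crit[1], client_addr)
        elif not in_match:
            global_opts.setdefault(keyword, value)
        elif active:
            match_opts.setdefault(keyword, value)
    opts = {**global_opts, **match_opts}
    return sorted(m for k, (m, d) in AUTH_KEYWORDS.items() if opts.get(k, d).lower() == "yes")
```

On a real system, sshd's extended test mode (`sshd -T` with a `-C` connection specification) reports the effective settings for a given client address.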