how-to block ads
New York, NY
ssh and variations Secure telnet access (ssh, ssh2, open-ssh and so on).
ssh is more than telnet access.. It's all the unix r commands (rlogin, rsh, rcp) rolled up into secure, encrypted commands (slogin, ssh, scp).. However, even more, SSH allows the ability to tunnel X11 session (and other services when configured) through the encrypted tunnel. This can allow for secure communication of virtually any service.. I've read articles on securing NFS mounts via SSH.
Albeit, command line access is probably the biggest use of SSH.. I just wanted to point out that it's MUCH more robust..
SSH - relatively secure and very useful. If you have your SSH port open, filtering by IP/Subnet might not be a bad idea. Certainly keep up with the latest patches or versions for your OS as there are vunerabilities found in SSH implementations from time to time.
Windows users can also tunnel Remote Desktop or VNC sessions over SSH for secure remote access...get a desktop from your home PC from a secure, encrypted channel from work for example. You can also copy files without having to set up an FTP server.
»www.portknocking.org/ is an interesting idea that SSH users who run no other services might want to look into.
Re: SSH - relatively secure and very useful. Use UltraVNC. It has an encrypted plugin built into the GUI that someone wrote that goes up to 128-bit encryption (of STREAMING data). It's very nice... and port 22 is one of the few 'off' ports corporations will allow to pass through the firewall for say, home access.
Ever met someone from Microsoft Q/A? ...EXACTLY!
btw, i think there are vulnerabilititties with the file xfer function, but just turn it off when you're done using it on the host machine=o.
ssh security I've just started allowing ssh internet access on my pc, and a couple of things I did first were limiting the ip addresses allowed and changing the port number.
If you use port 22 someone will probably try to hack you, and if you have a username and password that are the same (e.g. "test", "test") they may well succeed.
Just connect using putty or whatever tool you like and specify your non-standard port.