Spotlight | Reviews | Current Issue | Newsletter | Subscribe | Contact |
Departments

user friendly

CeBIT 2010

High-class talks around the clock in the Forum, non-commercial projects presenting their work, new developments at the largest IT fair in the world, CeBIT Open Source 2010 in Hanover, Germany.

Visit them in hall 2, March 2-6 or here.

  linuxpromagazine.com » Issues » 2008 » 91 » WHO’S THERE?  

Print this page. Recommend
Slashdot it! Delicious Share on Facebook Tweet! Digg

Remote access security with single-packet port knocking

WHO’S THERE?

Author(s): JULIET KEMP

If you are looking for an extra layer of remote access security, try single-packet port knocking.

Public key cryptography means that the traffic is secured and that if you verify keys correctly, it isn’t vulnerable to man-in-themiddle attacks. Exploits are occasionally found, but they are quickly fixed. However, your system could still be vulnerable to brute-force attacks. If you have only a small number of user accounts, if your usernames are unusual, and if your passwords are carefully crafted, this might not be an issue. But if you have multiple users on a system, it becomes harder to ensure that all passwords really are secure. One solution is to run a passwordguessing system such as John the Ripper, which can discover a poor password before anyone with nefarious intentions has time to exploit it.

Also, you can create firewall rules that establish a maximum number of connection attempts from the same IP address, either indefinitely or for the next few minutes. (The latter option is preferable to avoid problems for real users, who do occasionally mistype their password several times.)


Read full article as PDF »


Comments


Print this page. Recommend
Slashdot it! Delicious Share on Facebook Tweet! Digg
Rikki's Open Source Exchange

Stop by Rikki's Open Source Exchange for dispatches from the world of women in open source.

Rikki Kite examines the experience of women across the spectrum of open source –
the people, projects, organizations, events, articles, issues, and news.

more...

 

In the US and Canada, Linux Magazine is known as Linux Pro Magazine.
Entire contents © 2010 [Linux New Media USA, LLC]
Linux New Media web sites:
North America: [Linux Pro Magazine]
UK/Worldwide: [Linux Magazine]
Germany: [Linux-Magazin] [LinuxUser] [EasyLinux] [Linux-Community] [Linux Technical Review]
Eastern Europe: [Linux Magazine Poland] [Linux Community Poland]
International: [Linux Magazine Brazil] [EasyLinux Brazil] [Linux Magazine Spanish]
Corporate: [Linux New Media AG]