[lug] keeping up with attacks
Bucky Carr
bcarr at purgatoire.org
Sat May 4 10:25:48 MDT 2019
Educate me a bit. Wouldn't the attack vector then simply change from a
public facing sshd to the openVPN server? Doesn't an sshd which
requires a certificate challenge to gain access = the protection of
openVPN?
I ask this despite regularly seeing attacks on my sshd but never
having seen an attack on my openVPN server. (probably answering my own
question, eh?)
On 5/4/2019 10:15 AM, Stephen Kraus wrote:
> Why is your SSH public facing anyways? OpenVPN is free, set it up
> and deny any SSH from external IPs. Best practice is to always use
> VPN or a Jump Box to access SSH.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20190504/4c7f0e8e/attachment.html>
More information about the LUG
mailing list