[lug] keeping up with attacks
Rob Nagler
nagler at bivio.biz
Sat May 4 10:37:38 MDT 2019
On Sat, May 4, 2019 at 10:15 AM Stephen Kraus wrote:
> Why is your SSH public facing anyways? OpenVPN is free, set it up and
deny any SSH from external IPs. Best practice is to always use VPN or a
Jump Box to access SSH.
I will fail my network security certification for saying this: OpenSSH is
more secure than OpenVPN.
They both use the same software encryption software so that's a wash. The
difference is that OpenSSH is older and much more widely installed.
Therefore, I trust it more than OpenVPN.
Bastion hosts (your jump boxes) encourage chewy centers.
Rob
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20190504/72136c42/attachment.html>
More information about the LUG
mailing list