SquallStrife

Member Since 10 Sep 2008

Posts I've Made

In Topic: Tips for securing public-facing SFTP?

29 March 2018 - 01:21 PM

I see what you're saying, but I've never been much of a believer in security-through-obscurity.

Given that the site is mentioned a lot in vintage computing circles, and now ranks highly in searches for old drivers, I'm not surprised at all that it's a target for more than just the most casual script kiddies.

In Topic: Tips for securing public-facing SFTP?

27 March 2018 - 01:40 PM

In my mind, a better host discovery method would be a SYN sweep on port 80 or similar, to find hosts offering at least one public-facing service, since ICMP blocking seems to be common practice.

Time will tell I suppose!

In Topic: Tips for securing public-facing SFTP?

27 March 2018 - 10:12 AM

I'll keep that in mind if ICMP traffic becomes a problem.

However, I've discovered that you can indeed just drop ICMP echo, while still responding correctly to other types:

iptables -A INPUT -p icmp --icmp-type echo-request -j DROP
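An added example, not part of the original post: a small first-match model of the INPUT chain that compares the selective rule above with a blanket ICMP drop. It assumes a default ACCEPT policy and no other rules; the packet list, the `BLANKET` ruleset and all function names are constructed for illustration.

```python
import shlex

# Subset of iptables ICMP type names -> (type, code); code None matches any code.
ICMP_TYPES = {
    "echo-reply": (0, None),
    "destination-unreachable": (3, None),
    "fragmentation-needed": (3, 4),
    "echo-request": (8, None),
    "time-exceeded": (11, None),
}

def parse_rule(line):
    """Parse 'iptables -A INPUT -p icmp [--icmp-type NAME] -j TARGET'."""
    args = shlex.split(line)
    opts = dict(zip(args[1::2], args[2::2]))
    if opts.get("-A") != "INPUT" or opts.get("-p") != "icmp":
        raise ValueError("only '-A INPUT -p icmp' rules are modelled: " + line)
    name = opts.get("--icmp-type")
    match = ICMP_TYPES[name] if name else (None, None)  # no type = all ICMP
    return match, opts["-j"]

def verdict(rules, icmp_type, icmp_code, policy="ACCEPT"):
    """First matching rule wins; otherwise the chain policy applies."""
    for (want_type, want_code), target in rules:
        if want_type in (None, icmp_type) and want_code in (None, icmp_code):
            return target
    return policy

# Constructed inbound ICMP messages: name -> (type, code)
PACKETS = {
    "echo-request": (8, 0),          # ping
    "fragmentation-needed": (3, 4),  # used by path MTU discovery
    "port-unreachable": (3, 3),
    "time-exceeded": (11, 0),
}

SELECTIVE = ["iptables -A INPUT -p icmp --icmp-type echo-request -j DROP"]
BLANKET = ["iptables -A INPUT -p icmp -j DROP"]  # constructed for comparison

def compare(ruleset):
    rules = [parse_rule(r) for r in ruleset]
    return {name: verdict(rules, t, c) for name, (t, c) in PACKETS.items()}

if __name__ == "__main__":
    for label, ruleset in (("selective", SELECTIVE), ("blanket", BLANKET)):
        print(label, compare(ruleset))
```

With the selective rule only the ping is dropped, while the blanket rule also discards the fragmentation-needed messages that path MTU discovery relies on.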

In Topic: Tips for securing public-facing SFTP?

26 March 2018 - 02:32 PM

Pretty much. Being a public-facing site, I don't want it to be misbehaving in funny ways because I tried to do something spec-breaking.

In Topic: Tips for securing public-facing SFTP?

26 March 2018 - 12:13 PM

Ping, specifically, probably none.

But ICMP is used for other things (see the link I posted in the previous post), and I don't know if iptables lets you just drop one type of ICMP packet?