hack proofing your network second edition phần 8

Thật không may, phụ thuộc vào một bức tường lửa để gỡ bỏ khả năng truyền tải thông điệp từ bất cứ ai có thể đe dọa mạng của bạn chỉ là không đủ để thực sự an toàn của nó. Đối với một, trừ khi bạn sử dụng một "bức tường lửa theo phong cách quân sự" | Tunneling Chapter 13 541 Setting Up OpenSSH The full procedure for setting up OpenSSH is mostly outside the scope of this chapter but you can find a good guide for Linux at linux security is slightly more complicated those using the excellent UNIX-On-Windows Cygwin environment can get guidance at http those who simply seek a daemon that will work and be done with it should grab Network Simplicity s excellent SSHD build at openssh . Note this very important warning about versions Modern UNIX distributions all have SSH daemons installed by default including Apple s Macintosh OSX unfortunately a disturbing number of these daemons are either SSH or OpenSSH or SSH1 implementations in these packages are highly vulnerable to a remote root compromise and must be upgraded as soon as possible. If it is not feasible to upgrade the daemon on a machine using the latest available at or even the official SSH2 from you can secure builds of OpenSSH that support both SSH1 and SSH2 by editing etc sshd_config and changing Protocol 2 1 to Protocol 2. This has the side effect of disabling SSH1 support entirely which is a problem for older clients. Obscurity is particularly no defense in this situation as well the version of any SSH server can be easily queried remotely as in the following effugas@OTHERSHOE telnet 22 Trying . Connected to . Escape character is . Another important note is that the SSH server does not necessarily require root permissions to execute the majority of its functionality. Any user may execute sshd on an alternate port and even authenticate himself against SSH client in particular may be installed and executed by any normal user this is particularly important when some of the newer features of OpenSSH like ProxyCommand are required but unavailable

Không thể tạo bản xem trước, hãy bấm tải xuống
TỪ KHÓA LIÊN QUAN
TÀI LIỆU MỚI ĐĂNG
Đã phát hiện trình chặn quảng cáo AdBlock
Trang web này phụ thuộc vào doanh thu từ số lần hiển thị quảng cáo để tồn tại. Vui lòng tắt trình chặn quảng cáo của bạn hoặc tạm dừng tính năng chặn quảng cáo cho trang web này.