[lug] keeping up with attacks

Bucky Carr bcarr at purgatoire.org
Sat May 4 10:25:48 MDT 2019

Educate me a bit. Wouldn't the attack vector then simply change from a 
public facing sshd to the openVPN server? Doesn't an sshd which 
requires a certificate challenge to gain access = the protection of 

I ask this despite regularly seeing attacks on my sshd but never 
having seen an attack on my openVPN server. (probably answering my own 
question, eh?)

On 5/4/2019 10:15 AM, Stephen Kraus wrote:
> Why is your SSH public facing anyways? OpenVPN is free, set it up 
> and deny any SSH from external IPs. Best practice is to always use 
> VPN or a Jump Box to access SSH.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20190504/4c7f0e8e/attachment.html>

More information about the LUG mailing list