From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <virtualsky.sk@gmail.com>
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on sa.int.altlinux.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_NEUTRAL
	autolearn=no version=3.2.5
Date: Tue, 02 Mar 2010 17:28:31 -0600
From: Virtual Sky <virtualsky.sk@gmail.com>
In-reply-to: <20100302211126.GW18182@osdn.org.ua>
To: "ALT Linux users (in English only)" <community-en@lists.altlinux.org>
Message-id: <4B8D9F1F.7060507@gmail.com>
MIME-version: 1.0
Content-type: text/plain; charset=ISO-8859-1; format=flowed
Content-transfer-encoding: 7BIT
References: <4B8C7278.2060404@gmail.com> <20100302073437.GR18182@osdn.org.ua>
	<1267516014.24688.14.camel@latitude.arlan>
	<5d2de3011003020934o322e4139o6fb63079c9f61fd4@mail.gmail.com>
	<20100302211126.GW18182@osdn.org.ua>
User-Agent: Mozilla/5.0 (X11; U; Linux i586; en-US; rv:1.8.1.23) Gecko/20090910
	SeaMonkey/1.1.18
X-Proofpoint-Virus-Version: vendor=fsecure engine=1.12.8161:2.4.5, 1.2.40,
	4.0.166
	definitions=2010-03-02_13:2010-02-06, 2010-03-02,
	2010-03-02 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=default score=0
	spamscore=0 ipscore=0
	phishscore=0 bulkscore=0 adultscore=0 classifier=spam adjust=0
	reason=mlx
	engine=5.0.0-0908210000 definitions=main-1003020250
Subject: Re: [Comm-en] ALT Server 4.0 - Preventing Root Log-ins
X-BeenThere: community-en@lists.altlinux.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: virtualsky.sk@gmail.com, "ALT Linux users \(in English only\)"
	<community-en@lists.altlinux.org>
List-Id: "ALT Linux users \(in English only\)"
	<community-en.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/options/community-en>,
	<mailto:community-en-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/community-en>
List-Post: <mailto:community-en@lists.altlinux.org>
List-Help: <mailto:community-en-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/community-en>,
	<mailto:community-en-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Tue, 02 Mar 2010 23:30:28 -0000
Archived-At: <http://lore.altlinux.org/community-en/4B8D9F1F.7060507@gmail.com/>
List-Archive: <http://lore.altlinux.org/community-en/>


> On Tue, Mar 02, 2010 at 11:34:01AM -0600, Virtual Sky Solutions wrote:
>   
>> Now, I'm not an expert on Apache or other such things - I just
>> know enough to work my way around basic configurations.
>> However, thinking about it some more, would I be correct in
>> saying:  I could help prevent unwanted hacking of my server by
>> changing the web configurator access port, from 8080 to another
>> unused port?
>>     
> Somewhat yes, since 8080 is well known http-related port;
> but moreso with firewall setup blocking access to this or
> another configured port by default and allowing it from a
> few select IPs.
>
> If feeling adventurous, you could also look into "knock"
> package to employ so called port knocking technique on top
> of "deny by default" firewall policy for web interface.
>
>   
Ah, yes... port "knocking".  I forgot all about that.  I'll look in to 
it for sure.  Thanks for the suggestion!

David.