[BC] Email Client Hosts, a Survey
Harold Hallikainen
harold
Sun Jun 18 10:30:19 CDT 2006
> It's not really necessary to gain ppp access, Harold.
> ssh can do port forwarding over the encrypted link, and
> allow full use of whatever mail program you choose on
> the remote machine. ( or any other program that exists
> on the remote host, for that matter, via X forwarding )
I normally use SquirrelMail a PHP webmail script running on my server.
When I want to do email offline (download, read, reply, upload later), I
use Evolution. I'm using IMAP for both SquirrelMail and Evolution, but
have the IMAP port blocked at the router, so I use ssh port forwarding to
access IMAP remotely. I have a script on my laptop that sets up the
forwarding for me. SSH port forwarding is really nice since all data,
passwords, etc. are encrypted, especially important with wireless from the
laptop.
I do a daily log review on the machine and found a while back that there
were thousands of attempts at ssh login that were failing each day. I
added the sshblacklist script that reviews the /var/log/secure and blocks
IP addresses that fail on username or password three times (block is
through adding a block to iptables). This has dropped the bad logins to
three or four a day, after which they are blocked. sshblacklist is a neat
script in that you can tell it which log to watch and what to watch for.
So, I have another copy running that watches for breakin attempts through
httpd. I watch for URLs that include the words 'echo' 'winnt' or various
other things that are definitely not on the server.
Harold
--
FCC Rules Updated Daily at http://www.hallikainen.com - Advertising
opportunities available!
More information about the Broadcast
mailing list