Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I've had SSH, SMTP, POP3, HTTP, HTTPS and many other services open to the world since the 90's. I have fail2ban running. It is not that scary.


Yes, after changing the ssh port, and fail2ban on the server completely stopped those pesky ssh log in attempts.

But, on home computer, I do not want to be bothered with all the security efforts, and want to keep it simple. But I have plans to put up an isolated server setup someday. But too broke right now, and looking for a job. heh.

I have seen people, who is using simple password based authentication, with really simple password. I always go and fix that first, so, it's too common, which is why It's scary.


Also, strong, random-looking passwords for droplets or apps saved in a text file. Use the Digital Ocean guide on setting up a Linux box securely and the UFW firewall. Then, lighttpd, BunnyCDN (esp for SSL), and periodic updates.

Works so well that it's easy to forget they're running.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: