Subj : Re: Nightmares / Dreams
To   : Andre
From : McDoob
Date : Thu Mar 31 2022 20:18:05

 An>  Mc> I'm going to give you the excuse of 'youthful exuberance' here. Port 
 An>  Mc> and SSH access are not the same. Do *not* open ANY SSH port to the wo
 An> 
 An> That's somewhat true, but depends on what SSH server program we're
 An> talking about. The likelihood of a working OpenSSH remote exploit is
 An> extremely low, though it has happened occasionally before. 
 An> 
 An> If you use a very strong password that isn't used elsewhere, or better
 An> yet a cert, then you're pretty safe. Even more so if you add MFA.
 An>
 An> That said, my sshd port is not open to the world and even my BBS is only
 An> open to like seven countries.

At the very least, brute-force attacks are still a thing. There's only so many characters in a single password.

I'm not giving anyone advice here! I am very much trying to avoid this subject! But, I may or may not know what I'm talking about when it comes to network penetration...

I definitely do wear a white hat, when it comes to this sort of thing.

McDoob
SysOp, PiBBS
pibbs.sytes.net

.... My software never has bugs. It just develops random features...

--- Mystic BBS v1.12 A47 2021/12/24 (Raspberry Pi/32)
 * Origin: PiBBS (21:4/135)

.