[COLUG] Verizon sync accounts, port 110 et. al.

[Mark L. Wise]

Aaron,

Thanks for the response.

If I did turn on encryption for that service/port, would it really keep 
me safe from someone trying to exploit that port?  Encryption only keeps 
people from sniffing out usernames and passwords, but how about the 
hackers that are just trying to guess valid names and passwords?  (or 
using tools to run through many in rapid succession....)

I don't think firestarter has support directly for rate limiting, etc... 
however, there are hooks that allow me to add IPTABLES entries.  Are 
their rules that I could implement through this process that would 
accomplish this?  (I use an automated process to help protect port 22 
(ssh) from hackers that automatically updates hosts.deny (I think it is 
called DenyHosts)... is there something similar for port 110/995)?

Thanks!

Mark


Aaron Howard wrote:
> On 9/14/07, Mark L. Wise <mark at alpha2.com> wrote:
>   
>> Am I being too severe in my firewall rules restricting incoming
>> connections to these ports?
>>     
>
> That depends.  How valuable is the data those rules protect?  Do the
> handhelds support authentication?  Encrypted authentication?  Are they
> Blackberry devices or Treos?
>
> If they will do encrypted authentication, I'd say you should loosen up
> your restriction a bit, allow incoming connections from any IP to
> those ports, and properly configure the services to only "talk"
> encrypted and require an encrypted authentication method.
>
> Does firestarter support rate limiting, bandwidth throttling, or IDS
> features to auto-block out IPs if it detects someone trying to abuse
> those open ports?
>
> -Aaron
> _______________________________________________
> colug432 mailing list colug432 at colug.net
> http://www.colug.net/mailman/listinfo/colug432
>
>   

-- 
Mark L. Wise

Alpha II Service, Inc.
1312 Epworth Ave
Reynoldsburg, Ohio 43068-2116
USA

Office: (614) 868-5033
Fax: (614) 868-1060
Email: mark at alpha2.com
WEB: www.alpha2.com