I.T. Security and Linux Administration

Oct 27 2010   11:42AM GMT

Prelude to SSH Security (why I’m starting this series)



Posted by: Eric Hansen
Tags:

This probably should have been posted prior to my previous post, but I didn’t really think of posting this until just now. However, I’d like to make a note as to why I’m starting this mini-series of sorts.

After reading this article, it got me thinking; “I have SSH at home, why don’t I force connections to that to make sure my data is secure?” While it’s true nothing is ever 100% secure (if someone tells you otherwise, I’d love to hear how this is possible), data leaks is finding a new home in the “fear list” of sorts.

The premise, if you’re not interested in going to the above link, is basically that most websites don’t secure data beyond the log in page. It talks about a proof-of-concept extension in Firefox that lets you sniff out other users’ data while connected to a hot spot.

Now, while my logic is more of a “you get what comes to you” approach, I’d also like to help people out and not have them get their accounts hacked. You can use programs like Tor (but even that’s a pretty dangerous step to take), or just not log in to your Facebook or Twitter anywhere besides your home computer (or phone if you’re not connecting to a wireless AP), but what if you don’t want to do either of these? Well, you can use SSH to open up a SOCKS proxy so all data will be sent through SOCKS to your SSH server.

This is what this series is going to ultimately get to. While it’s a pretty short series all-in-all, I feel it’s a step in the right direction with this blog, and with what’s going on lately and all these scares, there’s no harm in bringing forth a new view point on a topic that can always use a new voice.

Also, please keep in mind that all of the steps and information I’m passing along to this topic is of my own advice, you can alter it and/or not take it at all. There’s always room to improve what’s already been done, and I’m more than open to hearing about what you choose to do.

In the mean time, I’m going to see where I should take this series next (whether I should do a part 1b or start on part 2), and continue from there. While I doubt I’ll be posting a new entry this weekend, I do plan on sparking some life and (hopefully) debates in this blog and getting things rolling again. I’ll probably take breaks in-between form my series (as I plan on doing at least one a month) to discuss other IT-related material as well, so we’ll see what the world brings us, one cycle at a time.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: