[vox] RE: security dilemma
BRANDON TEARSE
tearseb at msn.com
Thu Sep 21 13:51:51 PDT 2006
These responses thus far are all excellent security measures that
essentially tell you to secure your box w/o using address-based
authentication. Their security measures are important but do remember that
even if you can exclude half of the IPs from connecting to your machine,
that's a significant portion of the internet that wont be able to attack you
(it sounds like you can even get down to excluding 24/25ths of the internet
even.)
You mentioned that you couldn't figure out what the full range of allowable
IPs are for your ISP. This is generally fairly easy to ascertain with a few
ARIN lookups (check the various IPs you've got and you'll probably find a
common company who's range you can stick in your allow list.)
Alternatively, someone suggested using DynDNS as a service to constantly
update what your current IP and stick that in an allow rule (This is what I
do and it works nicely). DynDNS of course costs a yearly fee (granted,
having a "static" dynamic address is handy for all sorts of other things
too) whereas the ARIN lookups are free.
Just thought I'd mention the relatively easy ARIN lookup solution.
- Brandon Tearse
_________________________________________________________________
Add fun gadgets and colorful themes to express yourself on Windows Live
Spaces
http://clk.atdmt.com/MSN/go/msnnkwsp0070000001msn/direct/01/?href=http://www.get.live.com/spaces/features
More information about the vox
mailing list