CentOS Web Panel
-
changing port does not make any difference to security but I suppose if hackers are only scanning common ports it disguises it a little. I personally have no issue using port 22 with keys and strong password, also with root access disabled to ssh.
-
@StuartJordan That's the way to go
-
I don't think any actual hackers limit to common ports.
-
@scottalanmiller said in CentOS Web Panel:
I don't think any actual hackers limit to common ports.
Ya it takes like an extra 7 seconds to scan the rest (at least with nmap)
-
If you use something like Salt you can go to no ports open at all. Short of that, I stick to standard ports.
-
@scottalanmiller said in CentOS Web Panel:
If you use something like Salt you can go to no ports open at all. Short of that, I stick to standard ports.
I've seen you say that before. Their documentation says you need 4505 and 4506 open.
-
@stacksofplates said in CentOS Web Panel:
@scottalanmiller said in CentOS Web Panel:
If you use something like Salt you can go to no ports open at all. Short of that, I stick to standard ports.
I've seen you say that before. Their documentation says you need 4505 and 4506 open.
Your aren't looking at the right thing. That's the server not the Minion.
-
@scottalanmiller said in CentOS Web Panel:
@stacksofplates said in CentOS Web Panel:
@scottalanmiller said in CentOS Web Panel:
If you use something like Salt you can go to no ports open at all. Short of that, I stick to standard ports.
I've seen you say that before. Their documentation says you need 4505 and 4506 open.
Your aren't looking at the right thing. That's the server not the Minion.
Ah, you didn't specify above, just said Salt.
-
@scottalanmiller said in CentOS Web Panel:
@stacksofplates said in CentOS Web Panel:
@scottalanmiller said in CentOS Web Panel:
If you use something like Salt you can go to no ports open at all. Short of that, I stick to standard ports.
I've seen you say that before. Their documentation says you need 4505 and 4506 open.
Your aren't looking at the right thing. That's the server not the Minion.
Similar to Ansible pull. Just need 80 or 443 open on the git server.
-
@stacksofplates said in CentOS Web Panel:
@scottalanmiller said in CentOS Web Panel:
@stacksofplates said in CentOS Web Panel:
@scottalanmiller said in CentOS Web Panel:
If you use something like Salt you can go to no ports open at all. Short of that, I stick to standard ports.
I've seen you say that before. Their documentation says you need 4505 and 4506 open.
Your aren't looking at the right thing. That's the server not the Minion.
Ah, you didn't specify above, just said Salt.
Your servers don't have ports open when you use Salt. We are talking ability the removal of SSH ports from your servers. All of your servers (aka minions) can be sans SSH ports. Of course they still need their service ports open like 80 or whatever. But SSH is not needed, no access ports are.
-
@stacksofplates said in CentOS Web Panel:
@scottalanmiller said in CentOS Web Panel:
@stacksofplates said in CentOS Web Panel:
@scottalanmiller said in CentOS Web Panel:
If you use something like Salt you can go to no ports open at all. Short of that, I stick to standard ports.
I've seen you say that before. Their documentation says you need 4505 and 4506 open.
Your aren't looking at the right thing. That's the server not the Minion.
Similar to Ansible pull. Just need 80 or 443 open on the git server.
Ansible pull isn't the same. Salt leaves full, instant control in place.
-
@scottalanmiller said in CentOS Web Panel:
@stacksofplates said in CentOS Web Panel:
@scottalanmiller said in CentOS Web Panel:
@stacksofplates said in CentOS Web Panel:
@scottalanmiller said in CentOS Web Panel:
If you use something like Salt you can go to no ports open at all. Short of that, I stick to standard ports.
I've seen you say that before. Their documentation says you need 4505 and 4506 open.
Your aren't looking at the right thing. That's the server not the Minion.
Ah, you didn't specify above, just said Salt.
Your servers don't have ports open when you use Salt. We are talking ability the removal of SSH ports from your servers. All of your servers (aka minions) can be sans SSH ports. Of course they still need their service ports open like 80 or whatever. But SSH is not needed, no access ports are.
Right no SSH, but you said
If you use something like Salt you can go to no ports open at all.
You didn't specify minion or not. You have to have open ports somewhere, server or minion.
-
@stacksofplates said in CentOS Web Panel:
@scottalanmiller said in CentOS Web Panel:
@stacksofplates said in CentOS Web Panel:
@scottalanmiller said in CentOS Web Panel:
@stacksofplates said in CentOS Web Panel:
@scottalanmiller said in CentOS Web Panel:
If you use something like Salt you can go to no ports open at all. Short of that, I stick to standard ports.
I've seen you say that before. Their documentation says you need 4505 and 4506 open.
Your aren't looking at the right thing. That's the server not the Minion.
Ah, you didn't specify above, just said Salt.
Your servers don't have ports open when you use Salt. We are talking ability the removal of SSH ports from your servers. All of your servers (aka minions) can be sans SSH ports. Of course they still need their service ports open like 80 or whatever. But SSH is not needed, no access ports are.
Right no SSH, but you said
If you use something like Salt you can go to no ports open at all.
You didn't specify minion or not. You have to have open ports somewhere, server or minion.
Okay but the context of the discussion is the server. It needs no ports open.
-
If you have Salt hosted, there are no ports on your end at all.
