Proxie & VPN security concerns when $ is involved.
When I set up my first server I was concerned with securing it. I changed the ssh password, set up a username, disabled root, changed the ssh port and added a RSA-ssh key so my username and password couldn't be captured.
Lately after the post "help with socks5" and things I've read on other forums. It got me thinking this wasn't really that secure so I started researching how to set up a honeypot in my server just for added security. (ban ip addresses that try to connect to the dummy ssh port 22, block DDoS attacks on 443, stop brute-force attacks on the actual ssh port, alert me when files are changed, etc...).
I'm not trying to scare anyone from the two big VPN sellers in this forum, let me set that straight off rip...
What I'd be more concerned with is the cheap, and differently the free VPN & proxie services that are out there. If someone is able to mass market VPN's or proxie's you can guarantee they're capable of setting up a honeypot in the server to capture all your info going through it.
Just do a google search on " VPN honeypot" and see what the possibilities are. You can think for yourself, I'm just sharing what I've learned.
Last edited by nate; 08-18-2017 at 03:00 PM.
|