So I know commenting on people's choices of security policies is generally not done, hence there aren't "How-To's" on the topic really, but here we go:
The point of this box is to be a data share for multiple users in a lab. The box needs to be accessible from wherever they are. We are going to use SFTP / FTPS. I plan on also configuring fail2ban and deny hosts. The box will have a public facing IP address (Our campus doesn't have a Firewall or NAT to speak of). The root user account password has been reasonably secured.
If I'm blocking brute force attacks, and only allowing SFTP / FTPS with decent user password strength, does that seem "secure"? Are there fundamental stupid oversights in this thought process?
-Thanks
The point of this box is to be a data share for multiple users in a lab. The box needs to be accessible from wherever they are. We are going to use SFTP / FTPS. I plan on also configuring fail2ban and deny hosts. The box will have a public facing IP address (Our campus doesn't have a Firewall or NAT to speak of). The root user account password has been reasonably secured.
If I'm blocking brute force attacks, and only allowing SFTP / FTPS with decent user password strength, does that seem "secure"? Are there fundamental stupid oversights in this thought process?
-Thanks