Being unemployed gives me a shitload of free time to tinker and tweak on my computer(s).
I really love technology, and consider myself to be quite the technophiliac. But in the past few months, I've been considering whether I actually want to dedicate the rest of my work-life to doing tedious, repetitive and mind-numbing work like tech support, helpdesk consultation, programming, etc.
...
That being said, I recently acquired a gigabit switched, wireless-N router to set up my domain on-location where I live. Everything went according to plan, until I kept getting DoS-attack entries in my NAT-logs on a daily basis.
Surfing the router-manufacturer's forums gave me the impression that an insecure computer on my network was spewing conns to the web, overloading the router with ACKs and RSTs. But after a weekend of intensive packet-sniffing, it turned out to be a port-related problem.
My webserver binds to standard port 80, and a lot of script kiddies/zombies out there were overloading it with bogus http requests. So I decided to solve it like I have before.
Stop running httpd on port 80, and switch to a non-standard high-range port to prevent 'automagic' hacker-scans from the net to discover the entry-point to my networks. Then, add two security-modules to httpd and configure them to act aggressively. And finally, add some dns-records and www-forwardings to re-route traffic accordingly.
After running this set-up for a couple of days, I'm now quite confident I won't have this problem again until some blackhat develops a method to find and penetrate stealth-ports.
Or... until someone with a grudge spends enough time packet-sniffing my traffic to reveal my outbound service-ports. Although highly unlikely, it COULD happen... But I'll worry about it when and if it happens.
18 May, 2010
unemployment, domains and networks
Post labels: computing, domain, networking, work