Re: SSH attack
On 11/10/05, Marty <martyb@ix.netcom.com> wrote:
> If your machines are all exposed to the internet or to an insecure
> LAN, then I don't see how you can safely use ssh at all. I would
> never attempt such a thing, so you are much braver than I.
>
> What I would do instead is limit ssh logins to a single heavily
> scrutinized, stripped and locked down, dedicated (internet) ssh server,
> which would be manually activated (maybe remotely) for each ssh
> use, and turned off at all other times.
'maybe remotely' - aren't you just pushing back the problem?
Personally I'd go for one ssh gateway into the LAN locked to a limited number
of users (restricted by origin IP if possible) coupled with RSA
authentication and auto-lockdown after x failed connections.
If you have anything that makes that look unsafe, it probably
shouldn't be on the network at all.
--
Rasputin :: Jack of All Trades - Master of Nuns
http://number9.hellooperator.net/
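
The "auto-lockdown after x failed connections" idea from the reply above, as an added example (not part of the original post): a Python sketch that counts failed sshd logins per source IP in a sliding window and returns the addresses to block. The log lines are constructed, and the threshold, window, ignore list, year and function name are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

# Constructed sample of OpenSSH syslog lines (documentation address ranges).
SAMPLE_LOG = [
    "Nov 10 12:00:01 gw sshd[2101]: Failed password for invalid user admin from 203.0.113.5 port 40112 ssh2",
    "Nov 10 12:00:04 gw sshd[2103]: Failed password for root from 203.0.113.5 port 40118 ssh2",
    "Nov 10 12:00:09 gw sshd[2107]: Failed publickey for alice from 192.0.2.10 port 51000 ssh2",
    "Nov 10 12:00:12 gw sshd[2109]: Failed password for invalid user test from 203.0.113.5 port 40131 ssh2",
    "Nov 10 12:01:00 gw sshd[2115]: Accepted publickey for alice from 192.0.2.10 port 51002 ssh2",
    "Nov 10 12:05:00 gw sshd[2120]: Failed password for bob from 198.51.100.7 port 33000 ssh2",
    "Nov 10 12:30:00 gw sshd[2140]: Failed password for bob from 198.51.100.7 port 33010 ssh2",
    "Nov 10 12:31:00 gw sshd[2141]: Failed password for bob from 198.51.100.7 port 33011 ssh2",
]

# Matches sshd authentication failures; the syslog timestamp carries no year.
FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed (?:password|publickey) for (?:invalid user )?\S+ "
    r"from (?P<ip>\S+) port \d+"
)

def sources_to_lock(lines, max_failures=3, window=timedelta(minutes=10),
                    ignore=("192.0.2.0/24",), year=2005):
    """Return source IPs with >= max_failures failed logins inside `window`."""
    ignore_nets = [ip_network(n) for n in ignore]  # never lock these origins
    recent = defaultdict(deque)  # ip -> failure timestamps still in the window
    locked = []
    for line in lines:
        m = FAILED.match(line)
        if not m:
            continue
        try:
            ip = ip_address(m["ip"])
        except ValueError:
            continue  # skip lines whose source field is not an IP address
        if any(ip in net for net in ignore_nets):
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:  # drop failures older than the window
            q.popleft()
        if len(q) >= max_failures and str(ip) not in locked:
            locked.append(str(ip))
    return locked
```

The returned addresses would then be fed to whatever does the blocking on the gateway (a firewall rule or TCP wrappers entry); that step is left out here.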