
Re: SSH attack



On 11/10/05, Marty <martyb@ix.netcom.com> wrote:

> If your machines are all exposed to the internet or to an insecure
> LAN, then I don't see how you can safely use ssh at all.  I would
> never attempt such a thing, so you are much braver than I.
>
> What I would do instead is limit ssh logins to a single heavily
> scrutinized, stripped and locked down, dedicated (internet) ssh server,
> which would be manually activated (maybe remotely) for each ssh
> use, and turn off all other times.

'maybe remotely' - aren't you just pushing back the problem?

Personally I'd go for one ssh gateway into the LAN locked to a limited number
of users (restricted by origin IP if possible) coupled with RSA
authentication and auto-lockdown after x failed connections.

If you have anything that makes that look unsafe, it probably
shouldn't be on the network at all.






--
Rasputin :: Jack of All Trades - Master of Nuns
http://number9.hellooperator.net/
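
Added example, not part of the original message: one way to approximate the "auto-lockdown after x failed connections" idea from the reply above by scanning sshd log lines, while exempting the permitted origin IPs. The log lines, addresses, thresholds, the assumed year (syslog timestamps omit it) and the function name lockdown_candidates are all constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in OpenSSH syslog style (not from the original post).
SAMPLE_LOG = """\
Nov 10 09:00:01 gw sshd[101]: Failed password for invalid user admin from 198.51.100.7 port 4022 ssh2
Nov 10 09:00:03 gw sshd[102]: Failed password for root from 198.51.100.7 port 4023 ssh2
Nov 10 09:00:04 gw sshd[103]: Failed publickey for alice from 203.0.113.5 port 5100 ssh2
Nov 10 09:00:05 gw sshd[103]: Failed publickey for alice from 203.0.113.5 port 5100 ssh2
Nov 10 09:00:06 gw sshd[103]: Failed publickey for alice from 203.0.113.5 port 5100 ssh2
Nov 10 09:00:07 gw sshd[103]: Accepted publickey for alice from 203.0.113.5 port 5100 ssh2
Nov 10 09:00:09 gw sshd[104]: Failed password for root from 198.51.100.7 port 4024 ssh2
Nov 10 09:05:00 gw sshd[105]: Failed password for bob from 192.0.2.44 port 6000 ssh2
Nov 10 09:30:00 gw sshd[106]: Failed password for bob from 192.0.2.44 port 6001 ssh2
Nov 10 09:55:00 gw sshd[107]: Failed password for bob from 192.0.2.44 port 6002 ssh2
"""

# Anchored at line start so text later in the line cannot pose as the prefix.
FAILED = re.compile(
    r"^(\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: "
    r"Failed (?:password|publickey) for (?:invalid user )?\S+ from (\S+) port"
)

def lockdown_candidates(lines, max_failures=3, window=timedelta(minutes=10),
                        trusted=frozenset(), year=2005):
    """Return {ip: time of the failure that crossed the threshold}."""
    recent = defaultdict(deque)   # ip -> failure times inside the window
    locked = {}
    for line in lines:
        m = FAILED.match(line)
        if not m:
            continue
        stamp, ip = m.groups()
        if ip in trusted or ip in locked:   # never lock out a permitted origin
            continue
        when = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
        q = recent[ip]
        q.append(when)
        while when - q[0] > window:         # drop failures older than the window
            q.popleft()
        if len(q) >= max_failures:
            locked[ip] = when
    return locked

if __name__ == "__main__":
    print(lockdown_candidates(SAMPLE_LOG.splitlines(), trusted={"203.0.113.5"}))
```

The returned addresses would be handed to whatever does the actual blocking (a firewall rule or hosts.deny entry); that step is left out here.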


