[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: SSH attack

On 11/10/05, Marty <martyb@ix.netcom.com> wrote:

> If your machines are all exposed to the internet or to an insecure
> LAN, then I don't see how you can safely use ssh at all.  I would
> never attempt such a thing, so you are much braver than I.
> What I would do instead is limit ssh logins to a single heavily
> scrutinized, stripped and locked down, dedicated (internet) ssh server,
> which would be manually activated (maybe remotely) for each ssh
> use, and turn off all other times.

'maybe remotely' - aren't you just pushing back the problem?

Personally I'd go for one ssh gateway into the LAN locked to a limited number
of users (restricted by origin IP if possible) coupled with RSA
authentication and auto-lockdown after x failed connections.

If you have anything that makes that look unsafe, it probably
shouldn't be on the network at all.

Rasputin :: Jack of All Trades - Master of Nuns

Reply to: