Re: SSH attack
Dick Davies wrote:
On 11/10/05, Marty <email@example.com> wrote:
If your machines are all exposed to the internet or to an insecure
LAN, then I don't see how you can safely use ssh at all. I would
never attempt such a thing, so you are much braver than I.
What I would do instead is limit ssh logins to a single heavily
scrutinized, stripped and locked down, dedicated (internet) ssh server,
which would be manually activated (maybe remotely) for each ssh
use, and turn off all other times.
'maybe remotely' - aren't you just pushing back the problem?
Yes it replaces one security headache with another, but having
remote out-of-band access may be useful for other reasons, and
therefore worth the risk.
I first got the idea from ISPs which allow remote control of customer
servers for reboots or maintenance.
For example, I might use a modem on a system with no LAN connection,
controlling an X-10 network. Then hopefully the worst damage an
intruder could do is reboot or power off the servers.