[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: SSH attack

Dick Davies wrote:
On 11/10/05, Marty <martyb@ix.netcom.com> wrote:

If your machines are all exposed to the internet or to an insecure
LAN, then I don't see how you can safely use ssh at all.  I would
never attempt such a thing, so you are much braver than I.

What I would do instead is limit ssh logins to a single heavily
scrutinized, stripped and locked down, dedicated (internet) ssh server,
which would be manually activated (maybe remotely) for each ssh
use, and turn off all other times.

'maybe remotely' - aren't you just pushing back the problem?

Yes it replaces one security headache with another, but having
remote out-of-band access may be useful for other reasons, and
therefore worth the risk.

I first got the idea from ISPs which allow remote control of customer
servers for reboots or maintenance.

For example, I might use a modem on a system with no LAN connection,
controlling an X-10 network.  Then hopefully the worst damage an
intruder could do is reboot or power off the servers.

Reply to: