[Dshield] How do you all handle SSH access to campus resources?

Michael Horne Michael.Horne at olin.edu
Wed May 4 15:22:42 GMT 2005


Hello,

First time poster here looking for some info on how Universities and
others handle SSH access to there campus and how restrictive it is
configured.
I have been following the SSH thread and this aspect has not come up to
date. By the way we have implemented some of the recommendations posted.
Thanks! 

Background here is we are a small college with 200+ students and 75+
faculty members IT is made up by 15 people and we do it all, I am the
network / security eng. 
Currently we have a single SSH gateway on a DMZ.
We allow connections from the internet and are allowing port forwarding
through the gateway to internal resources.
We have as you all have been spam'd by the number of brute force
attempts into our systems.
I have been tasked with trying to cut down the allowed source IP's and
was wondering how and if any of you have any luck with global blocking
of ranges from known abuse sources for SSH access?
I.e... Anyone have any luck with blocking APNIC ranges for home cable
modem users which seems to be a large source of the brute force
attempts?

Any info would be greatly appreciated.

Thanks
Mike


Michael Horne
Network Engineer
Olin College
Olin Way Needham, MA 02492
781-292-2438




More information about the list mailing list