[Dshield] How do you all handle SSH access to campus resources?
BKWalker at drbsystems.com
Wed May 4 18:27:22 GMT 2005
> -----Original Message-----
> From: list-bounces at lists.dshield.org
> [mailto:list-bounces at lists.dshield.org] On Behalf Of Michael Horne
> Sent: Wednesday, May 04, 2005 11:23 AM
> To: SECURITY at LISTSERV.EDUCAUSE.EDU
> Cc: list at lists.dshield.org
> Subject: [Dshield] How do you all handle SSH access to campus
> I have been tasked with trying to cut down the allowed source
> IP's and was wondering how and if any of you have any luck
> with global blocking of ranges from known abuse sources for
> SSH access?
Put SSH on some other port, that solved the brute force attacks for me.
That being said, I also run portsentry which does a pretty decent job of
locking out port scanners so they don't have a chance to find SSH
services open on a high numbered port.
More information about the list