[Dshield] How do you all handle SSH access to campus resources?

Brenden Walker BKWalker at drbsystems.com
Wed May 4 18:27:22 GMT 2005


> -----Original Message-----
> From: list-bounces at lists.dshield.org 
> [mailto:list-bounces at lists.dshield.org] On Behalf Of Michael Horne
> Sent: Wednesday, May 04, 2005 11:23 AM
> To: SECURITY at LISTSERV.EDUCAUSE.EDU
> Cc: list at lists.dshield.org
> Subject: [Dshield] How do you all handle SSH access to campus 
> resources?
> 
> Hello,
> 
<snip>

> I have been tasked with trying to cut down the allowed source 
> IP's and was wondering how and if any of you have any luck 
> with global blocking of ranges from known abuse sources for 
> SSH access?

Put SSH on some other port, that solved the brute force attacks for me.
That being said, I also run portsentry which does a pretty decent job of
locking out port scanners so they don't have a chance to find SSH
services open on a high numbered port.




More information about the list mailing list