[Dshield] How do you all handle SSH access to campus resources?
David Cary Hart
DShield at TQMcube.com
Thu May 5 17:08:59 GMT 2005
On Wed, 2005-05-04 at 11:22 -0400, Michael Horne wrote:
> First time poster here looking for some info on how Universities and
> others handle SSH access to there campus and how restrictive it is
> I have been following the SSH thread and this aspect has not come up to
> date. By the way we have implemented some of the recommendations posted.
My prior environment was 1,200 students - five locations.
a. SSH only accounts. Strong passwords. In other words, no valid ssh
user will send email with that user name.
b. Swatch daemon to move intrusion attempts to firewall on first try.
c. Selective implementation. SSHd disabled by default.
d. Protocol 2 only.
e. Restrict to known hosts.
f. Specific "AllowUsers.
Multi-RBL Check: http://www.TQMcube.com/rblcheck.htm
Kill Spam at the Source: http://www.TQMcube.com/spam_trap.htm
Today's Spam Trap Adds: http://www.TQMcube.com/BlockedToday
RBLDNSD HowTo: http://www.TQMcube.com/rbldnsd.htm
More information about the list