[unisog] Remote Access to Staff Desktops
ch at it-austria.net
Thu Feb 26 06:59:22 GMT 2009
> * BACHAND, Dave (Info. Tech. Services) <BachandD at easternct.edu> [Mon, 23
> Feb 2009 10:03:39 -0500]:
>> [snipped world runs RDP it seems :) ]
>> No other remote access is allowed.
> I have been pondering about global SSH access being permitted, however
> the list would have dynamic blacklistings of workstations that were
> marked vunerable. Vunerable meaning:
> 1) permitting SSH version 1
> 2) running a known vunerable SSH server version
> 3) permitting plaintext login
> The 'tweak' to the third clause would be that OTP's would be permitted
> along side the usual pubkey auth only approaches.
> Annoyingly scanssh does not seem to go far enough. Anyone got any
> suggestions? All the useful info seems present via 'ssh -vvv', so maybe
> some ugly Perl-glue is called for...
>  http://monkey.org/~provos/scanssh/
> Alexander Clouter
> .sigmonster says: Everyone is entitled to my opinion.
> unisog mailing list
> unisog at lists.dshield.org
More information about the unisog