Sujith M K wrote:
> Ref Link : http://secer.org/hacktools/0day-openssh-remote-exploit.html
>
> Securing the sshd of your customer's servers ASAP by following
> at least the following steps.
>
> 1) Change Default SSH Port
> 2) Disable Direct Root Login
> 3) Disable common wheel users like admin. Use a hard to guess wheel username
> 4) Disable shell access for all customers.
> 5) If possible allow access to SSH only from Bobcares and Customer's
> IP address ( Use firewall and hosts.{allow,deny} file to do this. )
>
> Steps 1, 2 and 3 make it hard for the users to guess ssh port and wheel username
> Step 4 prevents user accounts from getting hacked.
> Step 5 makes it almost 100% foolproof unless someone from own network
> or the client's network tries to hack.
>
> Regards
> Sujith
>

Good general advice. I always either use a port knocker or have ssh only
listen on an internal IP accessible only through a VPN.

I was not worried about my or my customer's systems, but was curious if
anyone knew what was going on.

Jon Kibler
-- 
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC USA
o: 843-849-8214
c: 843-813-2924 (NEW!)
s: 843-564-4224
http://www.linkedin.com/in/jonrkibler

My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253
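An sshd_config check for steps 1, 2 and 3 of the quoted list and for the internal-only listen address mentioned in the reply, as an added example that is not part of the original messages. Step 4 and the firewall and hosts.{allow,deny} part of step 5 live outside sshd_config and are not covered; the finding codes, the sample configs and the COMMON_NAMES list are constructed for illustration.

```python
import ipaddress

# Constructed sample configs for the demo; not taken from any real host.
WEAK = "Port 22\nPermitRootLogin yes\nAllowUsers admin deploy\n"
HARDENED = ("# constructed\nPort 49222\nListenAddress 10.8.0.1\n"
            "PermitRootLogin no\nAllowUsers kx7ops@10.8.0.*\n")
COMMON_NAMES = {"admin", "administrator", "root", "test", "user"}  # illustrative list

def parse_global(text):
    """Collect keyword -> [values] from the global section (before any Match block)."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if parts[0].lower() == "match":
            break  # Match blocks are conditional overrides, not global defaults
        settings.setdefault(parts[0].lower(), []).append(parts[1] if len(parts) > 1 else "")
    return settings

def is_internal(listen_value):
    """True for a literal private or loopback address; hostnames count as unknown (False)."""
    host = (listen_value.split() or [""])[0]
    if host.startswith("["):          # [IPv6]:port
        host = host[1:].split("]", 1)[0]
    elif host.count(":") == 1:        # IPv4:port
        host = host.split(":", 1)[0]
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return False
    return ip.is_private and not ip.is_unspecified

def audit(text):
    """Return finding codes keyed to the numbered steps in the quoted message."""
    cfg, findings = parse_global(text), []
    if "22" in cfg.get("port", ["22"]):                       # unset means port 22
        findings.append("step1-default-port")
    if cfg.get("permitrootlogin", ["unset"])[0].lower() != "no":
        findings.append("step2-root-login")
    users = [u for value in cfg.get("allowusers", []) for u in value.split()]
    if not users:
        findings.append("step3-no-allowlist")
    elif any(u.split("@")[0].lower() in COMMON_NAMES for u in users):
        findings.append("step3-common-username")
    if not all(is_internal(v) for v in cfg.get("listenaddress", ["0.0.0.0"])):
        findings.append("listen-not-internal")                # unset means all addresses
    return findings
```

`audit()` also accepts the effective configuration printed by `sshd -T`, which resolves defaults that the file leaves unset.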