Language Selection

English French German Italian Portuguese Spanish

SSH Security Primer: Server Security Settings

Filed under
HowTos

My previous article in this series discussed SSH client security settings. To summarize, if you can’t control installations of rogue SSH clients, your only control is to limit outbound access through firewalling or other network-layer controls. Another of my articles discusses the issues with allowing outbound SSH access to the Internet.

SSH Servers: A Basic Risk Analysis

How do you secure your SSH servers? What are the total risks of such servers to your organization? You’re well aware of the possibility of people hacking your server and getting unauthorized access. That’s bad. But there are other risks. The SANS Institute’s Top 20 risk list really stresses SSH risks. If compromised, that host can be a router/forwarder that will forward any kind of traffic to any host the p0wned box can access—even your "secured" hosts given Internet Assigned Numbers Authority (IANA) reserved IP addresses. (Read RFC 3330 and RFC 1918 for the gory details on these addresses.) In most cases, those addresses aren’t accessible over the Internet.

More of a concern is your host’s threat to the rest of the Internet.

Full Story.

More in Tux Machines

Ubuntu 14.10 (Utopic Unicorn) to Reach End of Life Soon

Canonical has just announced that Ubuntu 14.10 (Utopic Unicorn) will reach end on life in just a couple of weeks, on July 23. Read more

You Can Now Upgrade to Linux Mint 17.2 "Rafaela"

Now that Linux Mint 17.2 "Rafaela" has been officially released, both for the MATE and Cinnamon flavors, the upgrade path has been opened for the users of older versions. Read more

YotaPhone drops Android for Sailfish OS

You may not have heard of them but Yota is a Russian company who dared to be different with their YotaPhone 2 smartphone. While most manufacturers tend to stick to tried-and-tested designs, Yota took a risk with the YotaPhone 2 and if you somehow haven’t heard of it, the dual-screen smartphone was one of the most unique Android devices ever made. Read more

Today in Techrights