Security Basics mailing list archives
Re: Cisco PIX with SSH enabled on external port for maintenance
From: John Maher <john.e.maher () gmail com>
Date: Tue, 15 Nov 2005 15:49:07 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Chris Largret wrote:
If you DO allow access to SSH to the outside world, there are a few things you can do to make it more secure: 1. Use a non-standard port 2. Use only the strongest algorithms that SSH supports 3. Change the passwords regularly 4. Allow only strong passwords 5. Limit which IP addresses can connect
If feasible, I would recommend using public key authentication and disabling password authentication. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFDeknDuY7WcSII22oRAqCHAJ0cidbUKqRm4qUKzu/8buP/62haAgCcDJhf H7mx4DzKwoJz01a/R6gVN+M= =r+xe -----END PGP SIGNATURE-----
Current thread:
- Cisco PIX with SSH enabled on external port for maintenance Cam Fischer (Nov 10)
- Re: Cisco PIX with SSH enabled on external port for maintenance Alloishus BeauMains (Nov 15)
- Re: Cisco PIX with SSH enabled on external port for maintenance Chris Largret (Nov 15)
- Re: Cisco PIX with SSH enabled on external port for maintenance John Maher (Nov 16)
- Re: Cisco PIX with SSH enabled on external port for maintenance Alloishus BeauMains (Nov 17)
- Re: Cisco PIX with SSH enabled on external port for maintenance Cory Stoker (Nov 21)
- Re: Cisco PIX with SSH enabled on external port for maintenance Alloishus BeauMains (Nov 21)
- Re: Cisco PIX with SSH enabled on external port for maintenance John Maher (Nov 16)
- <Possible follow-ups>
- Re: Cisco PIX with SSH enabled on external port for maintenance Steve.Cummings (Nov 15)
- ActivX execution with PowerUser Privilege Marco Spennato (Nov 16)
- Re: Cisco PIX with SSH enabled on external port for maintenance Cory Stoker (Nov 16)