SSH2 with SecureID (or at least S/KEY) support tunneled via plug-gw from a
DMZ ssh host to your inbound hosts.
Chris
-Original Message-
From: Scott Kellerman [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 02, 2001 10:35 AM
To: [EMAIL PROTECTED]
Subject: [FW1] SSH on port 22
When we
People try to break into things when they don't know what they are, more
likely than something known like port 22.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
Scott Kellerman
Sent: Wednesday, May 02, 2001 10:35 AM
To: [EMAIL PROTECTED]
Subject: [FW1]
>Does using the standard port 22 open us up to more attacks,
>and what are the thoughts of allowing SSH to directly access
>internal networks from the internet ?
Opening ports directly to your systems, especially on known ports, is always
a security concern.
The degree of risk depends on th
Changing default port assignments will probably create more problems then it
would solve.
In general, it's a myth that it would be more secure if you do it. Any
decent hacker would
pick it up pretty quickly. Allowing any direct access into your internal
network, other than
your DMZ is ill-advise
