Home
Home

Directory
Directory

Articles
Internet News
Security News
Ecommerce News
Domain News

Site Tools
Site Speed Test
Keyword Research
Resolve Hostname
DNS Tools
Register Domains
Affiliate Programs
Open Source

Shopping Carts
Cart Reviews
SSL Certificates

Enter your email address to subscribe to our updates:

Delivered by FeedBurner


Venue Charts
Channel Traffic Rankings
OAI Stock Quotes and Charts
eBay's Worst Feedback

Forum
Forum Home
TulipTools News
Advertising
Blogging
Computer Hardware
Domain Names
Ecommerce
Financing
Int'l Trading
Graphics and HTML
Internet Access
Legal Issues
Internet Business
Auction Sites
Classified Ad Sites
Fixed Price Venues
Operating Systems
Programming
Search Engines
Internet Security
Software
Web Hosting
Webmaster Issues
Reviews
Announcements
Off Topic Discussion

Web Hosting
TulipHosting

Domain Names
TulipDomains

Web Stats
TulipStats

Forum Rules
Forum Rules
Privacy Policy

Site Map
Forum Sitemap
Sitemap Topics




Directory| Forums| Internet News|Cart Reviews| DNS Tools| Keyword Research| Site Speed Test| Security| | Domain Marketplace| Domain Blog
TulipTools Internet Business Owners and Online Sellers Community
  • Home
  • Search
  • Member List
  • Calendar
Hello There, Guest! Login Register
TulipTools Internet Business Owners and Online Sellers Community › Security › Internet Security › Web Server Security v
« Previous 1 2 3 Next »

How to improve the security of your OpenSSH server installations

  
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Threaded Mode | Linear Mode
How to improve the security of your OpenSSH server installations
04-22-2006, 11:46 AM,
Post: #1
mandy Offline
Administrator
*******
 		Posts: 9,932
Likes Given: 0
Likes Received: 6 in 5 posts
Joined: Feb 2011
Reputation: 0
How to improve the security of your OpenSSH server installations
Quote:Here is a quick way to drastically improve the security of your OpenSSH server installations...

From personal experience with clients over the years, I have found that most administrators tend to install an SSH server and leave it at its default settings, typically to allow password authentication and root logins. Many don't even know that there is an alternative (key-based authentication), or they think the alternative is too hard to use. It is not - it takes all of five minutes to configure key-based authentication and disable root logins, and the security gains are enormous. Below, I'll step you through the process. I add comments where a step may not be needed.

Configuring and Testing Key-Based Authentication
This is not really a hard as it seems....

full article: http://geekpit.blogspot.com/2006/04/five...e-ssh.html
Like Post Reply
[+]
05-27-2006, 08:30 AM,
Post: #2
mandy Offline
Administrator
*******
 		Posts: 9,932
Likes Given: 0
Likes Received: 6 in 5 posts
Joined: Feb 2011
Reputation: 0
SSH installations: how to avoid creating gaping holes in your security with SSH
A related article discusses ways to avoid creating exploitable holes in your system when you implement SSH:

Quote:SSH as Salvation?

Some years ago I started doing research on SSH, the wonder tool of the security set. I read one article about a clever SSH setup. The administrator’s DMZ hosts could contact the intranet patching server, something normally verboten. The DMZ servers would route through the administrator’s PC and then access the internal patching server. After considering the author’s SSH design, however, I soon recognized definite security impacts to this approach.

Although several major security compromises are made possible through poor SSH design, does that mean that SSH is a likely target? Consider this: SSH is one of the most attacked services. As the SANS Institute states in its current top 20 vulnerabilities roundup, "Of particular interest this year are attacks against SSH." SSH is rated U1, the top UNIX vulnerability. Why is SSH such a target? In this article, you’ll learn why people are implementing SSH on Windows, mainframe, and UNIX devices. We’ll explore port forwarding, a cool SSH capability. Then we’ll take apart the clever administrator’s SSH design, including attacks against key authentication itself...

full article: http://www.informit.com/articles/printerfriendly.asp?p=471099&rl=1
Like Post Reply
[+]
« Next Oldest | Next Newest »




Possibly Related Threads…
Thread Author Replies Views Last Post
  Morons on Display at Boston University: Major Web Server Security Screwup bargainbloodhound 5 5,964 01-27-2012, 12:30 AM
Last Post: bargainbloodhound
  50 Open Source Network and Server Security Tools mandy 0 3,156 11-11-2008, 10:30 AM
Last Post: mandy
  Diagnosing a Hacked Linux Server Kristijntje 0 3,214 08-25-2007, 02:09 PM
Last Post: Kristijntje
  Protecting your Web Server from Attacks: Why Web applications are at High Risk mandy 0 2,858 02-26-2007, 11:11 AM
Last Post: mandy
  Secure Your Linux Server regic 0 2,957 03-25-2006, 05:52 PM
Last Post: regic
  Test your server for vulnerabilities with Nikto misteroriginal 2 4,039 02-25-2006, 04:10 AM
Last Post: misteroriginal

  • View a Printable Version
  • Send this Thread to a Friend
  • Subscribe to this thread
Forum Jump:


Users browsing this thread: 1 Guest(s)
  • Contact Us
  • TulipTools Internet Business Owners and Online Sellers Community
  • Return to Top
  • Lite (Archive) Mode
  • RSS Syndication
  • Help
Current time: 02-14-2026, 07:29 PM Powered By MyBB, © 2002-2026 MyBB Group. Theme created by Justin S.
powered by Apache

powered by Linuxpowered by CentOS

Copyright 2000-2013 TulipTools.com. All rights reserved.