Tuesday, September 2, 2008

If you aren't using the door, close it!

No, that's not latent fatherly advice, (and turn off that light!)- it is a reminder that a lot of systems have SSH ports open to the Internet, and the Internet is a dangerous place.

Yeah, we all know that- but did you remember to lock the door last time you used it?  I ask now because I have heard *anecdotally* (wink, wink, nudge, nudge) that lots of folks are getting SSH scanned heavily, including many login attempts.  Lines up well with this US-CERT advisory.  So take a minute to review what you have facing the tubes, and close what you can.

If you do need to leave SSH wide open, this might be a good time for reviewing keys and passphrases- and keeping an eye on logs.