North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: FW: The worst abuse e-mail ever, sverige.net

  • From: Brian Wallingford
  • Date: Tue Sep 21 23:23:47 2004

:Let's put this in perspective.  Say a hypothetical sysadmin were to
:disable any and all authentication on his SSH server.  And that
:someone then used SSH from your network to run code that sysadmin
:didn't like on that machine.  Would you then consider it reasonable if
:the sysadmin proposed:
:
:   The only responsible thing to do is filter port 22, smarthost for
:   your users, and inform them about using the alternate submission
:   port with authenticated SSH in order to work with enterprise SSH
:   servers - or IPSec VPNs, for that matter. This is simply the best
:   practice, at this point in time.
:

Apples & oranges;  thanks for playing, please try again...