Re: Cisco PIX with SSH enabled on external port for maintenance

From: Alloishus BeauMains (all0i5hu5_at_gmail.com)
Date: 11/10/05

  • Next message: Chris Largret: "Re: Cisco PIX with SSH enabled on external port for maintenance"
    Date: Thu, 10 Nov 2005 15:25:35 -0600
    To: Cam Fischer <camfischer@gmail.com>
    
    

    There are no reasons I can think of if you use the latest version of
    SSH, and if you make sure that you require an authentication key that
    has to be copied to the PC.

    And then, unless someone has a weak passphrase, then you should be pretty set.

    Anyone else?

    On 11/9/05, Cam Fischer <camfischer@gmail.com> wrote:
    > I am looking for some reasons why I should not be allowing SSH on the
    > external side of my Cisco PIX firewall. It would be great for
    > management, but what are the risks associated with this?
    >
    > Thx
    >
    > Cam
    >


  • Next message: Chris Largret: "Re: Cisco PIX with SSH enabled on external port for maintenance"

    Relevant Pages

    • Re: Strange file appeared in my home directory
      ... > reasons to believe that you haven't been broken into. ... > and restore date from a good backup. ... I have numerous services active within my LAN, but none except SSH is ... I regularly verify this by portscanning my machine ...
      (freebsd-questions)
    • Re: Build/Install world via ssh
      ... What specific versions are you upgrading to/from? ... I personally do upgrades over SSH all the time (by skipping the ... single-user step) but there are reasons it's not recommended. ... stuck with a world newer than your old kernel. ...
      (freebsd-questions)
    • Re: Whats the fast way to display Linux desktop on Solaris box?
      ... reasons. ... As per the Xserver manpage, you would need to enable it using ... Running with ssh -X -C does give acceptable performance. ... resolution obtainable be limited by the graphics card in the server. ...
      (comp.unix.solaris)
    • Re: Help: Using ssh and X windows on mac
      ... for a variety of security reasons. ... X forwarding is a very useful feature of ssh and is good for the ... It was a Java app and even over ethernet it was kind of slow. ...
      (comp.sys.mac.system)
    • Re: Remote X
      ... but one of the reasons I wanted this was to be able to do remote system ... You can always tunnel VNC over ssh. ... particular script/program on the remote system in one shot. ... Set this launcher up to run without a terminal and you get a nice ...
      (Fedora)