You are right... :-[

But, I have just filtered out ssh connections from world to our public hosts (CE, SE, RB).
The only entry point to our site has remained the gateway host, which does NAT/FW for all nodes.

Kostas Georgiou wrote:

[log in to unmask]" type="cite">

On Mon, Jun 13, 2005 at 06:57:50PM +0300, Dan Schrager wrote:

And the receipe to protect your site from similar attempts would be to
mkdir -p ~/.ssh/cucu
chown root.root ~/.ssh
chmod 0 ~/.ssh
The directory ~/.ssh should not be empty -- otherwise it can be removed 
by the simple user, hence the inside directory "cucu"...


Well it can't be removed true, but mv .ssh .ssh-old will still work ;P

Kostas