Are you interested in client side or service compliance?
For server side, NERSC (National Energy Research Scientific Computer
Center) had developed a version of OpenSSH that can audit user interactions
called Instrumented SSH (iSSH). iSSH uses Bro IDS to generate and manage
alerts. It's a pretty cool system.
A white paper on iSSH can be found at:
http://www.escholarship.org/uc/item/35s7k4hk
The code for iSSH is located at:
https://code.google.com/p/auditing-sshd/
If you are new to Bro IDS the best way to install Bro IDS for small or test
environments is via SecurityOnion.
http://securityonion.blogspot.com/
Scott Campbell (the author of the white paper on iSSH) gave an excellent
talk about iSSH and Bro IDS at the Bro Exchange 2012 last week in Boulder.
They recorded all the talks and it should be available soon on Bro's
website:
http://www.bro-ids.org
Hope this helps,
Al Cooper CISSP MCSE
HMC Networks, Inc.
-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On
Behalf Of Mike S
Sent: Saturday, August 11, 2012 11:10 AM
To: security-basics (at) securityfocus (dot) com [email concealed]
Subject: Compliance and SSH
Can anyone point me to which compliance method restricts or prohibits ssh
connections out of a company? The company I work for has several different
compliance issues and regulatory bodies to meet, and I'm trying to id this
one.
Thanks
--
Mike of Many Stories, Ideas, and Ramblings Game Chef 2009, 2010 NaNoWriMo
2008, 2009
http://mikeofmanystories.blogspot.com/ - writings
http://mikeofmany.wordpress.com/ - personal bloggery
Securing Apache Web Server with thawte Digital Certificate In this guide we
examine the importance of Apache-SSL and who needs an SSL certificate. We
look at how SSL works, how it benefits your company and how your customers
can tell if a site is secure. You will find out how to test, purchase,
install and use a thawte Digital Certificate on your Apache web server.
Throughout, best practices for set-up are highlighted to help you ensure
efficient ongoing management of your encryption keys and digital
certificates.
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
Are you interested in client side or service compliance?
For server side, NERSC (National Energy Research Scientific Computer
Center) had developed a version of OpenSSH that can audit user interactions
called Instrumented SSH (iSSH). iSSH uses Bro IDS to generate and manage
alerts. It's a pretty cool system.
A white paper on iSSH can be found at:
http://www.escholarship.org/uc/item/35s7k4hk
The code for iSSH is located at:
https://code.google.com/p/auditing-sshd/
If you are new to Bro IDS the best way to install Bro IDS for small or test
environments is via SecurityOnion.
http://securityonion.blogspot.com/
Scott Campbell (the author of the white paper on iSSH) gave an excellent
talk about iSSH and Bro IDS at the Bro Exchange 2012 last week in Boulder.
They recorded all the talks and it should be available soon on Bro's
website:
http://www.bro-ids.org
Hope this helps,
Al Cooper CISSP MCSE
HMC Networks, Inc.
-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On
Behalf Of Mike S
Sent: Saturday, August 11, 2012 11:10 AM
To: security-basics (at) securityfocus (dot) com [email concealed]
Subject: Compliance and SSH
Can anyone point me to which compliance method restricts or prohibits ssh
connections out of a company? The company I work for has several different
compliance issues and regulatory bodies to meet, and I'm trying to id this
one.
Thanks
--
Mike of Many Stories, Ideas, and Ramblings Game Chef 2009, 2010 NaNoWriMo
2008, 2009
http://mikeofmanystories.blogspot.com/ - writings
http://mikeofmany.wordpress.com/ - personal bloggery
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate In this guide we
examine the importance of Apache-SSL and who needs an SSL certificate. We
look at how SSL works, how it benefits your company and how your customers
can tell if a site is secure. You will find out how to test, purchase,
install and use a thawte Digital Certificate on your Apache web server.
Throughout, best practices for set-up are highlighted to help you ensure
efficient ongoing management of your encryption keys and digital
certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727
d1
------------------------------------------------------------------------
--
This message has been scanned for viruses and dangerous content by
MailScanner, and is believed to be clean.
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------
[ reply ]