| [cross-project-issues-dev] SSH shell protection |
|
Last Wednesday I informed you[1] about a simple
mechanism which will block shell access from unknown IP networks. That mechanism is now in an informative mode, meaning you will get a notice from sabot@xxxxxxxxxxx when you access a shell from a network we've never seen before. No block action is taken, but I encourage you to read and respond to those emails, which will place the unknown network in the trusted list, thus minimizing alerts and interruptions once the mechanism goes into protective mode. Here is a sample of the email: Subject: SSH Shell access from unknown IP: 206.191.52.51 Hello,
Our systems have detected that you (droy) have successfully logged in to an SSH shell on build.eclipse.org from:
206.191.52.51 (dev1.eclipse.org)
We've never seen you log in from there before, and we're worried that someone may be impersonating you, so we've blocked access to your account from that location. If this is indeed you and would like to trust this location, simply reply to this email, leaving the body intact, and access will be granted immediately.
On the other hand, if this is not you and you were not expecting this email, your Eclipse account may have been compromised, and we urge you to please contact webmaster@xxxxxxxxxxx _immediately_!
Thank you.
B23awsdd6jmLm09IASYGhbW43jT45AAq
Thanks, Denis [1] http://dev.eclipse.org/mhonarc/lists/cross-project-issues-dev/msg06625.html --
Denis Roy |