View Single Post
Old 19th February 2011, 03:54
nopsx nopsx is offline
Junior Member
Join Date: Feb 2011
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Default Restrict ssh local network discovery

I'm about to start on a project in a hosting environment, mostly developing the front end application for clients to setup their hosts. Anyway, i'm getting familiar with ispconfig 3 on a Centos 5.5 server, i've been tearing through the manual and other rhel manuals.

I'm not sure if this is something I should be doing on the OS itself or in ispconfig, but when I create a 'test' client and ssh (using jailkit) into their environment, using the ssh client inside the jail, i'm able to connect to other machines on the LAN. This is an issue where a client could pivot attacks into the internal network, or at the least, the host of the ispconfig machine.

Should I be mitigating this with firewall rules inside ispconfig? Any help would be appreciated, i'm trying to learn as much as possible about the hosting environment before designing an application around it.
Reply With Quote
Sponsored Links