Put Your OpenSSH Server in SSHjail

“Jailing is a mechanism to virtually change a system’s root directory. By employing this method, administrators can isolate services so that they cannot access the real filesystem structure. You should run unsecured and sensitive network services in a chroot jail, because if a hacker can break into a vulnerable service he could exploit your whole system. If a service is jailed, the intruder will be able to see only what you want him to see – that is, nothing useful. Some of the most frequent targets of attack, which therefore should be jailed, are BIND, Apache, FTP, and SSH. SSHjail is a patch for the OpenSSH daemon. It modifies two OpenSSH files (session.c and version.h) and allows you to jail your SSH service without any need for SSH reconfiguration.”

9 Comments

  1. 2007-04-25 12:56 pm
    • 2007-04-25 8:20 pm
  2. 2007-04-25 1:18 pm
    • 2007-04-25 1:33 pm
      • 2007-04-25 7:40 pm
    • 2007-04-25 1:58 pm
    • 2007-04-25 7:09 pm
  3. 2007-04-25 1:39 pm
  4. 2007-04-26 7:03 am