Use of the campus external VPN is encouraged to limit access
If you need to have ssh or other ports open without the use of the VPN, then email fw-changes-l@lists.rpi.edu with the following:
A static IP address
Brute force password protection is required. A strong password does not count. We have had strong random 9 character passwords fall to brute force guessing on the campus. You will need to take steps that could include some of the following
Account lockouts
Firewall rules to limit the number of connections from a host
Host certificates
2 factor authentication
IP restriction to a known external subnet
System will be scanned via nessus from time to time. It will need to be maintained. It can't be a set it up and leave it alone machine.
Note that labstaff does not provide support for user maintained servers beyond basic questions.
Server restrictions
No commercial endorsements
Websites with commercial branding or references
Servers may not generate commercial network traffic
Revenue generating websites, banner ads, off campus links to commercial vendors
No unreasonable use of campus resources
Saturating the campus backbone with network traffic